Swift for TensorFlow is a result of first-principles thinking applied to machine learning frameworks, and works quite differently than existing TensorFlow language bindings. Whereas prior solutions are designed within the constraints of what can be achieved by a (typically Python or Lua) library, Swift for TensorFlow is based on the belief that machine learning is important enough to deserve first-class language and compiler support.

First-class language and compiler support allows us to innovate in areas that have traditionally been out of bounds for machine learning libraries. Our results provide the performance of TensorFlow graphs with the ease of use of define-by-run models, and provide a great user experience - for example, by catching more mistakes before you run your code.

This is an early stage project which isn’t ready for use by general machine learning researchers. We are open sourcing the project early while it is still possible to change anything about its design, allowing the project to benefit from the expertise of the broader community. We don’t have 1.0 release plans, but will discuss that when it comes closer.

The macOS High Sierra 10.13.4 update improves the stability, performance, and security of your Mac, and is recommended for all users.

[…]

Adds support for external graphics processors (eGPUs)

[…]

Enables sorting Safari bookmarks by name or URL by right clicking and choosing ‘Sort By…’

[…]

Displays privacy icons and links to explain how your data will be used and protected when Apple features ask to use your personal information

So far the update has worked fine for me except that (like most of the recent ones) it got stuck with a black screen for several hours. Eventually I power cycled the iMac, and then (after a few more auto-reboots) the update completed.

The latest update to High Sierra, bringing it to 10.13.4, does fix the bug discovered by Sarah Edwards when making an APFS encrypted volume in Disk Utility – in both its original form (fixed in 10.13.2) and the form which remained into 10.13.3.

Air Display users: Please don’t update your host Mac to macOS 10.13.4. It introduces severe WindowServer bugs that crash most inelegantly when you connect to a virtual monitor like Air Display (or its competitors). 10.13.3 still works fine. Hopefully Apple will fix 10.13.4 soon.

Thanks to App Store policy, we cannot change Air Display 3’s app description, to warn that macOS 10.13.4 kernel panics when you connect to Air Display, when we submit a new version of the iOS app. But a new version won’t be approved because the host crashes. Sigh.

Apple has just released 10.13.4, which includes support for HEIC / HEIF encoding (support for reading HEIC was introduced in 10.13). And if you’ve already updated to Acorn 6.1, the option to export your image as HEIC will now appear for you in the Web Export window.

Don’t forget that macOS 10.13.4 has a 64-bit-only mode, which you’ll want to turn on as a Mac developer to see if your apps still function correctly. Users can give it a go too just to see what’s about to break forever in the next macOS…

If you happen to want Messages in iCloud in macOS 10.13.4, the checkbox shows up in Messages if you have an empty /AppleInternal folder… Do with this information what you will — but there’s clearly a reason why it hasn’t shipped yet for the public, so be warned

With the iOS version of Charles you can capture and inspect network requests and responses on your iOS device. You can view metadata, headers and bodies in the app, so you can finally debug your app’s networking issues without a computer.

playing with the @charlesproxy iOS app and it’s super creepy watching all these apps constantly send home data in the background. (the screenshots only show connections over a 2 minute period when I had all apps force quit). this is so fucked up

iOS 11.3 is a major update that introduces a long list of new features, including several that Apple has been promising for months. The update introduces a new “Battery Health” feature that's designed to provide iOS users with more information about their batteries, and it is a function Apple promised to introduce following backlash over the power management features added to older iPhones.

I was disappointed to find that my iPhone battery’s Maximum Capacity is still 100% and that it supports “normal peak performance.” This means that the incredible slowness I’ve been seeing over the past month or so: 10 seconds to log in, 15 seconds to launch apps that used to just take a few seconds, stuttery animations, 5-second freezes doing seemingly basic tasks like adding actions in OmniFocus—are software problems with no obvious fix. It’s weird because sometimes my iPhone SE feels like it’s running full speed. But other times it feels like an iPhone 4S or older. This contrast made me suspect that the CPU was being throttled, except that the slowness did not seem to be correlated with battery level.

Disappointed that iOS 11.3 doesn’t include iMessage in iCloud, according to reports from new iPad owners. Maybe major iOS releases should launch with ‘beta’ labels in September, like new features do? (High Sierra sure needed a warning label)

We should be happy when beta features don’t yet graduate to a release - it means they’re still working it out, and WE WANT LESS BUGS.

Also missing is AirPlay 2, which people expected in iOS 11.3 since it’s necessary for some features that were supposed to be part of the HomePod launch originally scheduled for December, however Apple only said that it would ship “later this year.”

Honestly, stuff like not updating iWork or Mac mini regularly and not pushing out services like Apple News internationally are a much bigger concern to me than stuff they are working on but just taking longer than expected.

I think only people in tech identify iMessage Sync as a feature; I think the lack of (reliable/predictable) sync is more practically identified as a bug, and iMessage Sync as a bug fix. My point: iMessage sync is Apple slowing down and producing better quality software.

Apple shows the following messages in Battery Health, depending on your iPhone's capability to handle apps at peak performance[…]

[…]

iPhone 8, iPhone 8 Plus, and iPhone X models use a more advanced hardware and software design that provides a more accurate estimation of both power needs and the battery's power capability to maximize overall system performance. This allows a different performance management system that more precisely allows iOS to anticipate and avoid an unexpected shutdown.

Looks like iOS 11.3 bug is breaking some MDM stuff. This means I can’t administer standardized testing sessions tomorrow without manually configuring a bunch of iPad for guided access.

This is why Apple’s IT services stack is so important. I can get away with these because we are a smaller school. At a larger district, this is a show stopping problem. I have no doubt that if something like this happened with G Suite, it would be fixed today.

There is no way an iOS update is coming today to address this. Apple Radar # 39116010. This is why I don’t get super excited about Pencil support or a Classwork app. Apple just still hasn’t gotten the basics down.

This isn’t like “oh Apple Music doesn’t give as good recommendations as Spotify” complaint about Apple’s services. This is a major major bug on a release that had been beta tested for months.

Facebook Container isolates your Facebook identity from the rest of your web activity. When you install it, you will continue to be able to use Facebook normally. Facebook can continue to deliver their service to you and send you advertising. The difference is that it will be much harder for Facebook to use your activity collected off Facebook to send you ads and other targeted messages.

This Add-On offers a solution that doesn’t tell users to simply stop using a service that they get value from. Instead, it gives users tools that help them protect themselves from the unexpected side effects of their usage.

Because you will be logged into Facebook only in the Container, embedded Facebook comments and Like buttons in tabs outside the Facebook Container will not work. This prevents Facebook from associating information about your activity on websites outside of Facebook to your Facebook identity.

In addition, websites that allow you to create an account or log in using your Facebook credentials will generally not work properly. Because this extension is designed to separate Facebook use from use of other websites, this behavior is expected.

I’d love to see this sort of thing for more sites and in more browsers.

With @Brave you do not need an “extension that isolates your Facebook identity from the rest of your web activity” -- we block all trackers by default, including FB’s. The real consistency+courage test would be to do the same to Google’s trackers.

The standard 5GB of free iCloud storage has been in place for years now, and, frankly, it’s starting to wear thin. When most iOS devices come in 32GB configurations at the smallest, and many start at 64GB, 5GB feels pretty paltry. Especially when the next step in the upgrade tier is to pay $0.99 for 50GB of storage space. I realize Services has become a moneymaker for Apple, but it just feels cheap.

[…]

I see too many people who don’t want to back up their data because they are worried about being hostage to additional fees for the rest of their lives.

I think the single best reason for giving us increased storage is Apple Photos. They’ve built a platform that lets us take, save, and share photos, but it requires nearly all of us to make regular monthly payments so we have enough storage.

[…]

Taken to its logical conclusion, paltry free storage results in people losing their photos and being understandably pissed at Apple.

The 5GB limit has been in place since Apple unveiled iCloud at WWDC 2011. It’s been almost seven years! That’s too long to be stuck in place, and it’s reminiscent of the way Apple dragged its feet in moving away from 16GB iPhones. It eventually happened, but long after many of us had determined 16GB to be an unworkable amount of space.

[…]

If you never upgrade, you’re likely going to have a worse time using an iPhone. Full stop. It surprises me that Apple continues to let that fly.

[…]

And despite Apple’s best efforts (like the video above) to explain how you can manage iCloud, customers are inevitably confused, frustrated, and annoyed when they hit the ceiling. It usually happens well before they approach the limits of their iPhone or iPad’s physical storage, and that disconnect between the two only makes things more irritating.

Apple is not providing a live video stream of today’s event, but will post the video on its website and the Apple Events app on Apple TV following the event. We will be updating this article with live blog coverage—no need to refresh—and issuing Twitter updates through our @MacRumorsLive account as the keynote unfolds.

Apple previously lowered the price of its 9.7-inch iPad last year, with a base model starting at $329, but today it’s going a step further for students. Apple is offering the new iPad to schools priced at $299 and to consumers for $329. The optional Apple Pencil will be priced at $89 for schools and the regular $99 price for consumers. This is obviously not the $259 budget iPad pricing that was rumored, but it does make it a little more affordable to students and teachers.

The Crayon has the same stylus technology as Pencil (but no pressure sensitivity) with a completely different external design. Plug in a normal Lightning cable to charge, and it has a power status LED.

The Crayon basically has all the ‘ugly’ features that Jony Ive would never approve.

Integrated Apple Pencil support in the new upcoming versions of Pages and Keynote will enable users to add drawings directly to reports and take advantage of smart annotation features, while students in particular will benefit from using the input device in Numbers to add to their “lab reports”, said Apple.

I think Apple still has a pricing problem. Chromebooks are in the low $200 range. The new iPad is $300, but when you add a case/keyboard $100 and an Apple Pencil ($100), a fully rigged iPad becomes nearly 2.5 times the cost of a Chromebook. When schools need to buy them by the hundreds (or thousands), that extra $300 is going to matter.

Notably missing from the sixth-generation iPad’s specs is the Smart Connector, necessary for Apple’s Smart Keyboard. Apple likely felt that adding such support would cannibalize sales of the 10.5-inch iPad Pro, and it’s also possible that it would have forced a price increase. Nonetheless, it’s unfortunate, because it forces schools that adopt the sixth-generation iPad to come up with some Bluetooth keyboard solution for older students who need to, you know, actually write. And frankly, any iPad in an education setting needs a ruggedized case anyway.

Not only is $500 ($300 for iPad, $100 for Pencil, $100 for keyboard) too expensive to compete with cheap ChromeBooks in education, but the iPad keyboards (first- and third-party) just aren’t good enough to replace a laptop keyboard.

The hardware cost is important, but far secondary to the cost of administration. Chromebooks are so popular in schools bc they’re so cheap and easy to deploy and administer. iOS was not made for network admins.

When the iPad was first brought into the classroom it was done in schools where, by and large, budget was not an issue and teachers were empowered to invest time in finding the best way to use technology to reinvent and energize teaching. It was really about rethinking how to teach and connect with students. As technology became more pervasive, schools discovered that it was not just about teaching but it was also about managing the classroom. This is what Google was able to capitalize on. Yes, schools turn to Chromebooks because the hardware is cheaper but also because the total cost of ownership when it comes to deployment, management, and teacher’s involvement is much lower.

Logitech’s Rugged Combo 2 keyboard case for the iPad is not likely to be something you’ll want to buy. It’s just too big for most. It’s very, very rugged, surrounding the device in a huge plastic block that feels like it could protect the glass inside from nearly anything.

[…]

But I am here to tell you that it is fascinating. The spill-proof keyboard doesn’t connect via Bluetooth, but instead via a custom smart connector Logitech developed, which passes through to the Lightning port inside the case. The keyboard is therefore removable (it attaches by a strong magnet) and can be replaced with a simple cover.

The thing stands up via a kickstand on the back. That means, when the keyboard is attached, it basically looks like a big, blocky Surface Pro.

The special iWork-optimized flavor of Markup included here has marker, pencil, crayon, and shape tools, along with an eraser. If you tap one of the tools when it’s already selected, it will reveal more options to modify the tool’s size and opacity. To get started with Markup, you simply tap your Pencil to the screen and hold, and the Markup tools will appear. If you want to add a sketch without your Pencil in hand, you can do that by hitting the app’s + button, then selecting the Drawing option.

One special Pencil feature Pages receives is something Apple calls Smart Annotation. Launching in beta with today’s update, Smart Annotation enables making comments and proof marks on written work that will then remain dynamically attached to the annotated text, so your Pencil markings will remain with the right words even if changes are later made within the document.

It cannot open my iBooks Author file for my book on the iMac G3 and history of Mac OS X. I’m not super surprised by that, but as the future of iBooks Author is unknown, I’d like a way to know I can edit this file using Pages in the future.

Both accessories are specifically designed to sell to the education market and will not hit general retail.

Let’s start with the Crayon because it’s fascinating. It’s half the price of the Apple Pencil and works a little bit differently. It does not need to be paired via Bluetooth. Instead, any Crayon can work with any [6th generation] iPad. Apple says that’s so a teacher can walk around with it and use it with student devices. Since it doesn’t pair via Bluetooth, it can’t do pressure sensitivity.

Chromebooks accounted for 60 percent of laptops, tablet and other mobile computers shipped to U.S. K-12 schools in the third quarter of 2017, according to FutureSource Consulting. Apple’s iPads accounted for 12 percent of those school devices, less than half of its market share in 2014.

Her opinion is that the tablet form factor is problematic, mainly because students can barely be trusted to not lose a laptop, let alone a tablet, a case, and a stylus. Also, look at the profile view of an iPad in the new keyboard case Apple showed on stage[…]

The iPad requires a decent amount of space behind the keyboard to stand up. When kids are using these on small desks, this can be a problem and makes a laptop form factor more appealing.

I get it, iCloud storage is a pain for a lot of people. As I’ve written before, iCloud’s paid tiers are very competitively priced. Here’s how much you need to pay to get different amounts of data on the major cloud storage platforms[…]

I came into this event hoping to see three things: hardware pricing, an improved productivity and collaboration suite and a bigger focus on managing the classroom. Apple addressed my three points but in true Apple fashion it did so in a way that was not obvious to me.

[…]

While I am not sure yet if these changes are enough for a consumer to switch from Microsoft Office or G-suite, I think they are welcome additions in education.

[…]

[Classroom management] was for me the most important part of the day and what really shows that Apple now has a full solution rather than a series of features.

The slide presented by Steve Jobs showed two street signs representing “the intersection of liberal arts and technology.” As shown today, they are drawn as wayposts, meaning “liberal arts is that way, and technology is in the other direction.”

The implication is that new Apple misunderstands the meaning of the phrase, but the reality is far worse: they just don’t put enough attention into anything they do to notice that these are different, or to consider that it might matter to anyone.

re: what happens when students graduate with that 200gb of iCloud- it’s tied to managed Apple IDs, so they can’t even take that ID with them once they leave. So it’s less about the content getting deleted and more about what to do with the entire account.

The key thing Apple talked about then was the goal of reinventing the textbook. Apple announced iBooks 2 which introduced interactive books. Did they succeed in changing the world of textbooks? Hardly. In fact, no one has. […] The iBooks Author strategy was failed from the beginning.

[…]

iTunes U is an iPad-only application, with a grade book that doesn’t connect to a student information system or a major learning management system. […] So here’s something to consider: how much from Apple’s 2012 education keynote has made a difference in the years since? I’d argue nearly nothing.

[…]

As I rewatched the 2012 keynote and pondered the 2018 keynote, I realized that Apple is yet again trying to craft a future for education that I am not sure fits with reality.

[…]

Education didn’t need a faster iPad. Education didn’t need Apple Pencil support. Those are great features for a consumer-friendly iPad, but education needed a clearer signal from Apple that they understand how school districts actually operate around the country and around the globe.

The more people I talk to and read about this stuff seem to have few concerns with Apple’s hardware offerings. $299 for an iPad is pretty good and the flexibility a tablet gets you is really convenient, but Apple needs to own more of the software stack if they want to move the needle in this market.

I probably wouldn’t recommend a kid learn Swift as their first programming language, not because it’s not a great and interesting language, but because the barrier to distribution and the creation of useful software is so high. The Xcode cliff is a steep one.

I know a lot has been said about Apple and education, but it speaks VOLUMES about today’s Apple that they refused to release any accessories for students themselves and pawned it off to Logitech because they didn’t want to “degrade the brand.”

10 or 20 years ago Apple selling accessories and even education specific computers was a badge of honor and something they were happy to do. Now they’re worried that it might detract from selling fashion items.

Schoolwork is being positioned as a direct competitor to a Google service called Classroom that lets educators create curricula, distribute student assignments, communicate with students and their guardians, incorporate apps into classroom programs, and more.

The cloud-based nature of Apple’s Schoolwork is key here since Google’s Classroom is — like almost everything Google does — a Web-based service.

In its 40 years of being in the education market, Apple has never been the cheapest product—they never will be. I don’t know why people expect Apple to all of a sudden just give away iPads to schools or even compete against a product like a cheap Chromebook on price.

Apple doesn’t make cheap products. Ever. They also don’t make shitty products. You can expect the iPad to last for years without breaking or becoming obsolete. I expect the return on investment for schools to be quite high when purchasing iPads for the classroom.

[…]

Apple screwed up a few years ago by not having the software and administration abilities on the iPad available for school districts. There is no question about that. But they have those features available now.

At the event this week, Apple heavily pushed this as the iPad for education. If you escape Apple’s carefully crafted PR bubble, though, I don’t think the statement holds its weight. This is the iPad that education will lean towards buying en masse, but it’s not really designed for education use.

But Holloway says that while she’s been able to use her iPad in the classroom to engage students in material they otherwise wouldn’t pay enough attention to, it can be a double-edged sword. “Once they’re used to using the iPad, the excitement of 2D and even manipulative materials pales in comparison, and it’s more difficult to engage them in activities that don’t include a digital component,” she says.

[…]

Teachers like Chen do not believe the focus should be put on the competition between iPads and Chromebooks, nor an obsession with what shiny new device a school should purchase. “For an educator, the question shouldn’t be which device, but which learning objective should we be aiming for?” she says. “I don’t think we can clearly say one device can be better than the other.”

That resulted in the, just as usual, expectational debt: The angst and anger over what the event wasn’t and was never going to be, rather than what it was — Apple celebrating 40 years in education with a love note passed in class to the teachers and students in attendance, the rest of us watching on.

[…]

That it took until almost two years after Pencil launched for iWork to gain that compatibility is a devastating critique of Apple’s ability to keep all the balls it’s currently juggling in the air. As much as hardware like Mac mini suffers from neglect, so does software, and it’s something that Apple can’t ignore away.

[…]

Whether it became apparent early on iBA wasn’t the right solution but there was no timeline on a better replacement or not, I’ll echo what I said previously about Apple not showing it can effectively juggle all the balls it has in motion. As a single provider, that’s bad for everyone. It makes it difficult to trust at any time that an Apple device or service critical to you will be treated as such by the only company in control of its destiny. It’s something Apple will have to reckon with — sticking to its “thousand nos for every yes”, and making firm choices about all the “ah… dunnos?” that are piling up.

[…]

In terms of education specifically, it really did feel like a love note, but one passed in school. One that’s full of romance but short on details. Run away with me — I’ll figure out getting a car and where we’re going later! It’s fantastic that Apple has this vision, but it’s going to be the consistency and expansion of that vision that’s key.

One of the things Apple brings to all of us, beyond its products, is that it continues to show us how things could and should be, and it forces the other companies to chase their innovations and aspirations and that makes things better for everyone over time. We need that, because if Apple stops doing that, who will?

So this educational event was all about Apple doing what Apple does best, and that’s a good thing. This doesn’t mean Apple doesn’t have things it can (and should!) do, such as better ID management, but much of the griping about the event boiled down to two big themes:

Apple has to do netbooks or it’s in big trouble! (Remember that? It’s back!)

Apple has lots of money; it should give it to education, and then we’ll like them.

Before I explain why I was in such a good mood, let’s deal with the sour stuff. If you were hoping that Apple would unveil new hardware, software, and strategy that would allow iPads to compete with Chromebooks toe-to-toe for classroom market share … well, that did not happen. It seems like an unrealistic goal to begin with. The market for classroom computers, software, and services is unique and somewhat bizarre, and Apple is uniquely ill-suited to compete in terms of raw market share.

[…]

Despite all these ugly realities, Apple used its Tuesday event to clearly explain a comprehensive and well-considered plan for the value that iPads and Apple software could add to education. There was none of the (dare I say) jaunty 1800s missionary “meet your new god” swagger that I sensed in the earlier “iPads for schools” push. Apple certainly didn’t say “Chromebooks are a huge success in education because they’re practically perfect for that world,” but it seemed to acknowledge that reality.

Apple’s new stance seems to be that kids can interact with iPads in ways that are unique. iPads have a point of view on education. And while not every school–or even most of them–can choose the iPad as its classroom computer, Apple is motivated to remove every obstacle that it can, making the experience as valuable as possible for the kids who use them and the educators who help the kids.

The big difference is that unlike a regular Apple ID, Managed Apple ID has no option to purchase any additional storage. Neither the school that owns the account nor a parent with a credit card can purchase more storage on behalf of the student. Once a student exceeds the 5GB iCloud limit they are forced to either delete content to free up space, move the content to a competing cloud service or export it off the device by connecting it to a computer. A huge pain for students and quite an oversight on Apple’s behalf.

[…]

A good relationship requires communication; a lasting one requires commitment. It often feels like Apple’s not interested in either. It can feel like being in a relationship where your partner tells you they’re all-in with you but is constantly distracted or even ignores you. Mixed signals can cause doubt and frustration in any relationship and this event reminded me of that.

[…]

The reality is that Apple has software that is rarely updated and minimal services that don’t get much attention either. It feels like their solution is for IT administrators to fill that void with third-party applications, tools and services that it doesn’t provide.

The NSDoubleLocalizedStrings user default is a reasonably well-known and officially documented localization debugging aid. It repeats the text of each localized string, making it double-length so that you can test whether your layout still works.

Interface Builder also lets you preview views using an “Accented Pseudolanguage” and a “Bounded String Pseudolanguage.” These correspond to the NSAccentuateLocalizedStrings and NSSurroundLocalizedStrings user defaults.

Finally, there are NSForceRightToLeftLocalizedStrings and AppleTextDirection to enable the “Right to Left Pseudolanguage.” This lets you test right-to-left layout (e.g. for Arabic) using strings from your development language.

Yesterday I was a bit scathing over published solutions for problems with iCloud, specifically the common problem of protracted or failed synchronisation of iCloud Drive. You dragged some files to iCloud Drive five or more minutes ago, and they still haven’t been synced to it.

[…]

in spite of trying these, sometimes it takes up to 72 hours for iCloud to propagate new files/folders.

[…]

I have been unable to discover any suggestions based on insights into how iCloud works, methods for establishing where the failure is or its cause (even a cryptic error number), nor more specific remedies which can be attempted. All recommendations treat iCloud and iCloud Drive as an impenetrable Black Box.

This just happened to me. I mostly use Dropbox, but I’ve been trying out iCloud Drive in a limited fashion to move PDFs from the Mac with the scanner to my iMac. It’s normally reasonably fast (though not as fast as Dropbox), but every once in a while there’s a long delay, with no obvious cause or remedy.

There is a clue suggested by Apple, one of the very few non-generic fixes available for such problems: “create a new document and save it [to iCloud] to see if it uploads to iCloud. If it does, see if other documents start uploading”.

But had I not written all those posts, good and bad, I wouldn’t be who I am today, which, hopefully, is a somewhat wiser person vectoring towards a better version of himself. What the site has become in its best moments — a slightly highfalutin description from the about page: “[kottke.org] covers the essential people, inventions, performances, and ideas that increase the collective adjacent possible of humanity” — has given me a chance to “try on” hundreds of thousands of ideas, put myself into the shoes of all kinds of different thinkers & creators, meet some wonderful people (some of whom I’m lucky enough to call my friends), and engage with some of the best readers on the web (that’s you!), who regularly challenge me on and improve my understanding of countless topics and viewpoints.

The revenue that used to sustain MacInTouch has dropped below a viable business minimum, while a plethora of other websites, operating under different business and security models, produces constant Apple news, reviews and commentary.

The MacInTouch Discussions forum is unique, as far as I know, but it’s also unsustainably labor-intensive, and there’s no way around that in its current incarnation.

At this point, my plan is to continue running MacInTouch Discussions and home/news pages at a reduced intensity for a little longer. But, before long, it will be time for a change - a sabbatical, a new blog, research, development, or something else – I’m not quite sure what yet, but I expect macintouch.com to continue in some form.

Ric passed on RSS and blogs and feeds and permalinks. For a year or two he tried to get permalinks working — which made Macintouch potentially tweetable. Recently those went away, so I wasn’t surprised by today’s announcement …

The site has often been frustrating for technical reasons like this, but it’s long been a unique and valuable resource. My thanks to Ford for all of his work, and I hope that he’s able to find a way to continue.

A worse consequence is the number of pitfalls that ABI instability presents, that are difficult to understand intuitively, and in many cases impossible, or at least dangerous, to work around. These pitfalls lie mainly in areas where developer code is executed on behalf of a system service, in a system process. In this context, it is not possible for developers to ensure that the required version of Swift libraries will be available to support their code. Game over.

[…]

But once you’ve written the code to draw those fancy graphs in Swift, you’re locked out of using that code from a QuickLook Plugin. Worse? Finishing touches such as supporting Quick Look are liable to come later in the development of an app, so you’ve probably gone through the decision-making process of writing your app in Swift, before realizing that the decision effectively cuts you off from a key system feature.

I’ve been updating my course (Mac and iOS Forensics and Incident Response) to use new APFS disk images (APFS FTW!) and came across something that is both incredibly useful from a forensics perspective but utterly horrifying from a security standpoint.

[…]

I used the following command to watch my unified logs in the Terminal while the process above was doing its thing:

log stream --info --predicate 'eventMessage contains "newfs_"'

…and there we have it, a plaintext password!

It’s fixed in macOS 10.13.2 [Update (2018-03-25): Actually not; see below.], but I wonder how many passwords are still stored in logs somewhere, e.g. in sysdiagnoses uploaded to Radar. Also, judging from the usage message for newfs_apfs, it looks like the fix may have been simply to suppress this particular log message. It still takes the passphrase as a command-line argument, so it might still be exposed in other ways, rather than using the more secure -stdinpass method that hdiutil uses.

Thanks to @moelassus, who reported seeing this bug persist in 10.13.3, and Sarah Edwards, we have established that this is a 100% reproducible bug in 10.13.3. It does not, any longer, affect the creation of new encrypted APFS volumes, but occurs when an existing unencrypted APFS volume is encrypted, by erasing just that volume in Disk Utility.

[…]

When Apple ‘fixed’ the original bug, which occurred when creating a new encrypted APFS volume, it clearly did so by accident, and was unaware that the change that was made to the volume creation step blocked the entry of the plaintext password in the log. Consequently, another instance in which an almost identical call was made by diskmanagementd, to newfs_apfs to make an existing volume encrypted, was left in the code. It is that call which is currently appearing in the log.

The previous examples were found in the unified logs which can hang around for a few weeks, this new example stores the exact same information in the system’s /var/log/install.log. I have found that the install.log will only get wiped out upon major re-installation (ie: 10.11 -> 10.12 -> 10.13), therefore these plaintext passwords will hang around for quite a bit longer than a few weeks! I had entries dating back to when I originally installed High Sierra on this system back in November of 2017!

Although 10.13.4 fixes this leak, it still only does part of the job. It doesn’t roll the install.log to remove all those old plaintext passphrases, which remain in the log for all to see. What is worse, to my mind, is that it doesn’t stop diskmanagementd and associated processes from writing to install.log.

When Apple introduced its new unified log in macOS Sierra, almost every other system log went silent (other than in residual entries by legacy products), apart from install.log. Why that was spared has never been explained by Apple, which suggests that it wasn’t part of its plan. This has now proved helpful in many situations, as sysadmins and others can still examine installation and update problems without having to do battle with thousands of other entries in the unified log.

[…]

One potentially good reason for continuing to write to a traditional log as well as the new unified log is the weakness of Apple’s tools – then and now – for accessing the unified log. Console still lacks any ability to browse history in the unified log, except when the live log is converted into a logarchive, and even then it is hard to use. install.log remains far more convenient to examine, and the engineers working on those parts of macOS which have been writing to it have probably been very grateful that they were not forced to work with the unified log alone.

[…]

Returning to the accident chain behind this, I can see the following links[…]

APFS encrypted volumes can be created on the disk level as well as the volume level and it truly seems to make a difference. Please also test if you find (or don’t find) the results in the Unified logs and/or the install.log or neither (and god forbid any other locations you might come across!). I’m also consistently using the “Erase” button versus the “Partition” button.
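The leak described above can be checked for on a given machine. The following is an added example, not code from any of the quoted posts: a Python script that scans a saved copy of install.log (or text exported from the unified log) for newfs_apfs command lines carrying a passphrase, reports where they occur without printing the secret, and produces a redacted copy. The `-S` option name, the sample log lines and their layout are assumptions constructed for illustration.

```python
"""Audit saved log text for newfs_apfs command lines that carry a passphrase."""
import re
import sys

# Assumption: the passphrase is the argument that follows this option in the
# logged newfs_apfs command line. Add other option names here if needed.
PASSPHRASE_FLAGS = ("-S",)
REDACTED = "[REDACTED]"

# Constructed sample in the general style of /var/log/install.log.
# These are not real log entries and the passphrases are made up.
SAMPLE_LOG = (
    "2017-11-05 09:12:44-05 testmac diskmanagementd[612]: running "
    "/sbin/newfs_apfs -i -E -S example-passphrase -v Secret disk2s1\n"
    "2017-11-05 09:12:45-05 testmac diskmanagementd[612]: "
    "newfs_apfs exited with status 0\n"
    "2018-01-20 18:30:02-05 testmac diskmanagementd[733]: running "
    "/sbin/newfs_apfs -i -E -S \"two words\" -v Backup disk3s1\n"
    "2018-02-02 08:00:00-05 testmac softwareupdated[301]: Scan complete\n"
    "2018-04-02 21:05:10-04 testmac diskmanagementd[810]: running "
    "/sbin/newfs_apfs -v Plain disk4s1\n"
)

_CMD = re.compile(r"\bnewfs_apfs\b")
_FLAGS = "|".join(re.escape(flag) for flag in PASSPHRASE_FLAGS)
# Option, whitespace, then the argument: double-quoted, single-quoted,
# an unterminated quote (masked to end of line), or a bare word.
_ARG = re.compile(r"(?<!\S)(%s)(\s+)(\"[^\"]*\"|'[^']*'|[\"'].*|\S+)" % _FLAGS)
_STAMP = re.compile(r"^\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}\S*")


def redact_line(line):
    """Return (line with the passphrase masked, True) or (line, False)."""
    cmd = _CMD.search(line)
    if cmd is None:
        return line, False
    # Only look at text after the command name, so unrelated tools that
    # happen to use the same option letter are left alone.
    head, tail = line[:cmd.end()], line[cmd.end():]
    tail, hits = _ARG.subn(lambda m: m.group(1) + m.group(2) + REDACTED, tail)
    return head + tail, hits > 0


def audit(text):
    """Scan log text and return (findings, redacted_text).

    findings is a list of (line_number, timestamp_or_None); the secret
    itself is never included in the findings.
    """
    findings, cleaned = [], []
    for number, line in enumerate(text.splitlines(), start=1):
        clean, hit = redact_line(line)
        if hit:
            stamp = _STAMP.match(line)
            findings.append((number, stamp.group(0) if stamp else None))
        cleaned.append(clean)
    return findings, "".join(entry + "\n" for entry in cleaned)


if __name__ == "__main__":
    # Usage: script.py [log_to_read [redacted_copy_to_write]]
    if len(sys.argv) > 1:
        with open(sys.argv[1], errors="replace") as handle:
            log_text = handle.read()
    else:
        log_text = SAMPLE_LOG
    found, redacted_text = audit(log_text)
    for number, stamp in found:
        print("line %d (%s): passphrase on newfs_apfs command line"
              % (number, stamp))
    if len(sys.argv) > 2:
        with open(sys.argv[2], "w") as handle:
            handle.write(redacted_text)
```

An unquoted passphrase containing spaces cannot be delimited from the log text alone, so review each flagged line by hand before relying on the redacted copy.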

A recent trip to a New York City Apple Store by Business Insider’s Avery Hartmans revealed a chaotic, hellish mess.

The store was packed with people. It was unclear which employees were available to help and which were otherwise occupied. Without a reservation, it was nearly impossible to get help at the Genius Bar. To make matters worse, it could be days before there was an open reservation.

This isn’t an isolated issue. Social media has been flooded with complaints about Apple Stores in recent months.

[…]

“We haven’t been able to keep up with traffic since I started 8 years ago,” a senior Genius at a small store in the Midwest told Business Insider. “I wouldn’t even walk in the store because of how crowded it gets. During Christmas [season] you can hardly move.”

My last five visits have been complete disasters. It was worse than going to Best Buy in the 90s. If any other business had a waiting area consisting of “go stand in that corner,” we’d laugh at it mercilessly.

Let’s look at the core of the problem: 99% of the time, when assigning a delegation callback, there should be a [weak self] capture list, but nothing is actually preventing ourselves from omitting it. No errors, no warnings, nothing. What if instead we could force the correct behavior?

Simplify your project as much as possible so that backers have an easy decision to make. If you have 30 levels of rewards, it can become paralyzing. Just confidently offer the best version of what you’re doing.

[…]

Don’t do any other gimmicks, tricks, or hacks to get money from Kickstarter. They will almost always backfire and make you look like an asshole. The whole point of Kickstarter is to test out your idea and see if it connects with an audience. If it does - great! You get to make your thing. If it doesn’t - that’s okay too! It’s an opportunity to figure out what didn’t work and fix it.

For the love of god figure out how much shipping is going to cost before you launch.

[…]

My biggest fear about dispensing advice and platitudes is that people will just try to do the same things that I did. But of course that won’t work. Working through the anxiety of not knowing what to do and emerging on the other side with an authentic understanding of what’s special about your game is not something you can hack your way out of; it is the creative process.

But here’s the thing: using the AirPods isn’t merely a “wireless EarPods” experience. Or rather, there are surprising aspects to making the EarPods wireless that I didn’t appreciate until I used the AirPods. My impression of the EarPods has always been colored by how loosely they sat in my ears. The merest tug or tension on their wire would unseat them. Well, without a wire, that entire issue is obviated, and moreover, the stem of the AirPods sits flush with the side of my face and helps to anchor them in place. I have run with the AirPods, I’ve done push-ups, lifted weights, and moved around vigorously without either one coming close to falling out. Your mileage will, of course, vary, but I can’t say the same about Google’s Pixel Buds or the majority of other earbuds on the market, wired or wireless.

[…]

I say the AirPods aren’t technically amazing, but that’s only when comparing against existing standards for sound quality. In the category of truly wireless earbuds, the AirPods are the best I’ve yet heard.

[…]

Maintaining a consistent and reliable Bluetooth connection, the thing I actually care about, is still sadly uncommon among truly wireless buds, so Apple’s wireless earphones are easy to recommend even to Android phone users.

A whistleblower has revealed to the Observer how Cambridge Analytica – a company owned by the hedge fund billionaire Robert Mercer, and headed at the time by Trump’s key adviser Steve Bannon – used personal information taken without authorisation in early 2014 to build a system that could profile individual US voters, in order to target them with personalised political advertisements.

[…]

Documents seen by the Observer, and confirmed by a Facebook statement, show that by late 2015 the company had found out that information had been harvested on an unprecedented scale. However, at the time it failed to alert users and took only limited steps to recover and secure the private information of more than 50 million individuals.

[…]

The data was collected through an app called thisisyourdigitallife, built by academic Aleksandr Kogan, separately from his work at Cambridge University. Through his company Global Science Research (GSR), in collaboration with Cambridge Analytica, hundreds of thousands of users were paid to take a personality test and agreed to have their data collected for academic use.

However, the app also collected the information of the test-takers’ Facebook friends, leading to the accumulation of a data pool tens of millions-strong. Facebook’s “platform policy” allowed only collection of friends’ data to improve user experience in the app and barred it being sold on or used for advertising.

CA acted dishonestly in using an unrelated quiz to harvest user and friends’ profile, etc data, but it really isn’t any different than what a ton of people were doing at the time. That’s on Facebook, and on them for not notifying the public about it when they discovered it.

“This was a scam — and a fraud,” Paul Grewal, a vice president and deputy general counsel at the social network, said in a statement to The Times earlier on Friday. He added that the company was suspending Cambridge Analytica, Mr. Wylie and the researcher, Aleksandr Kogan, a Russian-American academic, from Facebook.

Facebook preempted the publication of both of these stories with a press release indicating that they’ve suspended Strategic Communications Laboratories — Cambridge Analytica’s parent — from accessing Facebook, including the properties of any of their clients.

However, the reason for that suspension is not what you may think: it isn’t because Kogan, the developer of the thisisyourdigitallife app, passed information to Cambridge Analytica, but rather because he did not delete all of the data after Facebook told him to.

[…]

Facebook can make all the policy changes it likes, but I don’t see any reason why something like this can’t happen again at some point in the future.

Facebook is a machine built to collect your personal information and hand it to others, en masse. Not surprised that a hostile actor acquired that information. I expect there are many, many, many more that we will never hear about.

[…]

Anyone who builds a Facebook app (and any rookie can do this) has access to an absurd amount of information about you and your loved ones. And there is nothing stopping them from giving it away, besides the “Terms”.

It’s been said many times before but it takes a while to sync in: The cloud is just someone else’s computer. If you’re giving up your data or attention in exchange for free social, mail, messaging, photograph, document, or other transit or storage, then you’re really just taking the drive from your computer, unencrypted, and mailing it to those companies to do with it whatever they will.

[…]

The only thing we can do is delete Facebook. And Messenger, and Whatsapp, and Instagram, and every app like them.

There is a widespread belief that Facebook is a frivolous thing people should just quit. Two billion people use it. For many of them, it is the Internet. For others, it’s the only way to stay in contact with family or loved ones. Facebook has worked hard to get ubiquitous

In large areas of the Third World, Facebook has offered free data plans as long as you stay on the site. WhatsApp and Messenger are integral parts of people’s lives. Before you say ‘just get off Facebook’, ask yourself if you really understand what Facebook is (I know I don’t)

Google is already facing significant antitrust challenges in the E.U., which is exactly what you would expect from a company in a dominant position in a value chain able to dictate terms to its suppliers. Facebook, meanwhile, has always seemed more immune to antitrust enforcement: its users are its suppliers, so what is there to regulate?

That, though, is the answer: user data. It seems far more likely that Facebook will be directly regulated than Google; arguably this is already the case in Europe with the GDPR. What is worth noting, though, is that regulations like the GDPR entrench incumbents: protecting users from Facebook will, in all likelihood, lock in Facebook’s competitive position.

This episode is a perfect example: an unintended casualty of this weekend’s firestorm is the idea of data portability: I have argued that social networks like Facebook should make it trivial to export your network; it seems far more likely that most social networks will respond to this Cambridge Analytica scandal by locking down data even further.

The con-job is that this is a Facebook-specific “breach,” and therefore theirs to address. The problem is much bigger than that. Why are the New York Times, CNN, and The Guardian reporting what you’re reading to Facebook?

But while Facebook has been on the receiving end of some heated and justified media criticism for its privacy abuses, that criticism feels detached from a broader context: namely that we’ve increasingly approved of the wholesale collection and sale of our private data without anything even vaguely resembling transparency, accountability, or oversight.

Nothing personifies this more clearly than the telecom industry, which has been gobbling up and selling consumer data on an industrial scale for the better part of the last few decades. Often with only an iota of the outrage we’ve already seen during Facebook’s latest scandal.

More than a decade ago, ISPs like Comcast began hoovering up your clickstream data (data on every website you visit) and selling it with little accountability and absolutely no transparency. When press outlets back then asked ISPs about what data they were collecting, most would simply refuse to respond. And regulators (and most press outlets) saw no real problem with that.

I’ve written software against the Facebook API, and accessing information about the social graph is part of the API. We may not like what Cambridge Analytica did with the data, but I don’t think they did anything that every other company that makes products that work with Facebook doesn’t already do. Including of course Facebook itself.

Still, it seems to me that a lot of these wounds are self-inflicted. Not just in choices the company makes from a product and policy standpoint, but also how they choose to react to issues when they arise. Even on Friday night, when it seemed like they were doing the right thing by making a swift, decisive move around a very complicated situation, it turns out, no — Facebook was simply reacting quickly because publications were about to run stories about the pilfering of data from their network for mass political profiling. And what’s worse, Facebook was apparently threatening said publications if they ran said stories.

Sandy Parakilas, the platform operations manager at Facebook responsible for policing data breaches by third-party software developers between 2011 and 2012, told the Guardian he warned senior executives at the company that its lax approach to data protection risked a major breach.

“My concerns were that all of the data that left Facebook servers to developers could not be monitored by Facebook, so we had no idea what developers were doing with the data,” he said.

Parakilas said Facebook had terms of service and settings that “people didn’t read or understand” and the company did not use its enforcement mechanisms, including audits of external developers, to ensure data was not being misused.

Facebook Inc. tried to get ahead of its latest media firestorm. Instead, it helped create one.

The company knew ahead of time that on Saturday, the New York Times and The Guardian’s Observer would issue bombshell reports that the data firm that helped Donald Trump win the presidency had accessed and retained information on 50 million Facebook users without their permission.

Facebook did two things to protect itself: it sent letters to the media firms laying out its legal case for why this data leak didn’t constitute a "breach." And then it scooped the reports using their information, with a Friday blog post on why it was suspending the ad firm, Cambridge Analytica, from its site.

It’s not just that he’s silent in public. Facebook CEO and co-founder Mark Zuckerberg declined to face his employees on Tuesday to explain the company’s role in a widening international scandal over the 2016 election.

Mr. Stamos, who plans to leave Facebook by August, had advocated more disclosure around Russian interference of the platform and some restructuring to better address the issues, but was met with resistance by colleagues, said the current and former employees. In December, Mr. Stamos’s day-to-day responsibilities were reassigned to others, they said.

Mr. Stamos said he would leave Facebook but was persuaded to stay through August to oversee the transition of his responsibilities and because executives thought his departure would look bad, the people said. He has been overseeing the transfer of his security team to Facebook’s product and infrastructure divisions. His group, which once had 120 people, now has three, the current and former employees said.

First, we will investigate all apps that had access to large amounts of information before we changed our platform to dramatically reduce data access in 2014, and we will conduct a full audit of any app with suspicious activity. We will ban any developer from our platform that does not agree to a thorough audit. And if we find developers that misused personally identifiable information, we will ban them and tell everyone affected by those apps. That includes people whose data Kogan misused here as well.

Second, we will restrict developers’ data access even further to prevent other kinds of abuse. For example, we will remove developers’ access to your data if you haven’t used their app in 3 months. We will reduce the data you give an app when you sign in -- to only your name, profile photo, and email address. We’ll require developers to not only get approval but also sign a contract in order to ask anyone for access to their posts or other private data. And we’ll have more changes to share in the next few days.

Third, we want to make sure you understand which apps you’ve allowed to access your data. In the next month, we will show everyone a tool at the top of your News Feed with the apps you’ve used and an easy way to revoke those apps’ permissions to your data. We already have a tool to do this in your privacy settings, and now we will put this tool at the top of your News Feed to make sure everyone sees it.

The problem with Zuckerberg’s post is this. In 2011, FB was caught deceiving people about how it violated their privacy. It signed an agreement w/the FTC pledging to stop doing that. Today, Zuckerberg is outlining the steps he promised to take in 2011.

They did not disclose this at the time, nor did they notify the fifty million users whose information was accessed by Cambridge Analytica. So their claim in their press statement that they felt deceived is bunk: they knew, and did nothing when it mattered first.

Dear Mark Zuckerberg, you offered interviews to lots of outlets but not the @guardian & Observer. We broke the story first in 2015. We led the reporting last weekend. You used legal threats to try and stop us. And now, you’re... ignoring us?

This is 100% right. Zuckerberg threatening to sue the outlets who broke the stories while giving interviews to the ones who didn’t shows that the leadership of Facebook is a part of the problem.

Zuckerberg’s multiple apologies are undercut by a ruthless legal strategy to attack critics in the press, a huge lobbying operation against things like the Honest Ads Act, and massive financing of researchers and academics through dollars and access to data.

Facebook was so kind as to offer up each user’s unique Facebook User_ID when it returned these data requests. This means that all the data from all the different apps, quizzes and games can be immediately and instantly recombined into one massive database… just like Facebook’s!

[…]

To give a sense of how many apps were out there doing this: here’s an AdWeek article back in 2012, quoting Facebook as saying there were 9 million apps and websites integrated with Facebook. And 2012 was three years before Facebook cut off API access to pulling this kind of data.

[…]

For the longest period of time, Facebook was an advertising business that dreamed of being something else other than an advertising business. It wanted to be a platform.

[…]

And if those are the grand illusions that you’ve got, it’s not your proprietary data that you view as the secret to your success (which you only need to advertise). Instead, it’s developers, and getting them to build on top of your precious platform.

In a wide-ranging interview with Recode this afternoon, the Facebook CEO and co-founder said that he would appear before legislators if he was the “right” one inside the company to give lawmakers information about what happened.

If you can’t quite bring yourself to close down your account - maybe there’s a support group or family connections you’d like to keep active - then here’s how to restrict the amount of data Facebook has got on you.

A few years back, I reworked my Facebook account to lock down my personal information; given everything going on with the social media giant this week, I figured I’d walk everyone through the steps I took to keep Facebook from accidentally broadcasting valuable data to the world.

The California Consumer Privacy Act would require big companies to disclose the type of information they gather, explain how it is shared or sold and give people the right to prevent businesses from spreading their personal data.

The initiative has months to qualify for the November ballot and will likely become one of the most expensive fights this year.

Google, Facebook, AT&T, Verizon and Comcast have contributed $200,000 each to a campaign finance committee opposing the initiative since mid-February. The proponents, a trio of Bay Area business professionals, expect the Internet behemoths will eventually pour in over $100 million to try to stop the measure from passing.

After I changed all my Facebook settings and deleted API access, the next time I opened Messenger I saw these two screens trying to trick me into giving Facebook full Address Book access. Shady as hell.

The New York Times apparently offers powerful third parties the ability to edit away–that is, to delete from the internet–unfavorable coverage appearing in the paper of record’s online edition.

[…]

The Times’ original story made reference to Facebook COO Sheryl Sandberg–and mentioned her “consternation” at Stamos’ efforts to shepherd the tech giant towards being more transparent about Russian trolls’ electoral interference.

Among other things (all correct), Zeynep explains that “Facebook makes money, in other words, by profiling us and then selling our attention to advertisers, political actors and others. These are Facebook’s true customers, whom it works hard to please.”

Irony Alert: the same is true for the Times, along with every other publication that lives off adtech: tracking-based advertising. These pubs don’t just open the kimonos of their readers. They treat them as naked beings with necks bared to vampires ravenous for the blood of personal data, all ostensibly so those persons can be served with “interest-based” advertising.

Facebook is gonna turn this into an opportunity to strengthen the walls of its data silo, invite regulation that disadvantages new entrants, & avoid conversations about their propaganda amplification machine.

Meanwhile, if the government instituted new rules for tech platforms collecting personal information going forward, it could effectively lock in Facebook’s lead in the data race. If it becomes more cumbersome to gather this kind of data, no competitor might ever amass an index of psychographic profiles and social graphs able to rival Facebook’s.

The message is clear: Zuckerberg thinks we’re idiots. How are we to believe Facebook didn’t know — and derived benefits — from the widespread abuse of user data by its developers? We just became aware of the Cambridge Analytica cockroach…how many more are under the sink? In more lawyerly terms: “What did you know, and when did you know it?”

Facebook responded to reports that it collected phone and SMS data without users’ knowledge in a "fact check" blog post on Sunday.

[…]

This contradicts the experience of several users who shared their data with Ars. Dylan McKay told Ars that he installed Messenger in 2015, but only allowed the app the permissions in the Android manifest that were required for installation. He says he removed and reinstalled the app several times over the course of the next few years, but never explicitly gave the app permission to read his SMS records and call history. McKay’s call and SMS data runs through July of 2017.

In my case, a review of my Google Play data confirms that Messenger was never installed on the Android devices I used. Facebook was installed on a Nexus tablet I used and on the Blackphone 2 in 2015, and there was never an explicit message requesting access to phone call and SMS data. Yet there is call data from the end of 2015 until late 2016, when I reinstalled the operating system on the Blackphone 2 and wiped all applications.

When an app uses the Facebook SDK, Facebook gets access to the same permissions that the containing app has. Let that sink in.

[…]

Using VSCO, you’d have no idea it’s talking to Facebook. We wager they’re just using it to track ad conversion, but who knows? Sadly, the web has tools like Ghostery to block trackers, but there’s no such solution for mobile apps.

On a locked down platform such as iOS, your privacy and security are entirely in the hands of the OS vendor. On an open platform such as macOS, you can take your life into your own hands. Little Snitch on iOS? No. Reverse engineering 3rd party apps on iOS? Not without jailbreak.

I find it incomprehensible how Google-associated people still comment critically on Facebook’s business practices when 84% of their revenue (and what pays for all the free services and research) comes from precisely the targeted advertising that’s suddenly so contemptible.

Facebook successfully managed to keep Instagram out of this debate, but as far as I know, it’s basically a different UI on the same platform at this point. What percentage of users connect IG accounts to FB? Must be >80%.

The Bosworth memo reveals the extent to which Facebook’s leadership understood the physical and social risks the platform’s products carried — even as the company downplayed those risks in public. It suggests that senior executives had deep qualms about conduct that they are now seeking to defend. And as the company reels amid a scandal over improper outside data collection on its users, the memo shows that one senior executive — one of Zuckerberg’s longest-serving deputies — prioritized all-encompassing growth over all else, a view that has led to questionable data collection and manipulative treatment of its users.

Ezra Klein: One of the things that has been coming up a lot in the conversation is whether the business model of monetizing user attention is what is letting in a lot of these problems. Tim Cook, the CEO of Apple, gave an interview the other day and he was asked what he would do if he was in your shoes. He said, “I wouldn’t be in this situation,” and argued that Apple sells products to users, it doesn’t sell users to advertisers, and so it’s a sounder business model that doesn’t open itself to these problems.

[…]

Mark Zuckerberg: You know, I find that argument, that if you’re not paying that somehow we can’t care about you, to be extremely glib and not at all aligned with the truth. The reality here is that if you want to build a service that helps connect everyone in the world, then there are a lot of people who can’t afford to pay. And therefore, as with a lot of media, having an advertising-supported model is the only rational model that can support building this service to reach people.

[…]

But if you want to build a service which is not just serving rich people, then you need to have something that people can afford. I thought Jeff Bezos had an excellent saying on this in one of his Kindle launches a number of years back. He said, “There are companies that work hard to charge you more, and there are companies that work hard to charge you less.” And at Facebook, we are squarely in the camp of the companies that work hard to charge you less and provide a free service that everyone can use.

I don’t think this is a very good line for Zuckerberg. Apple is a company that works hard to charge you more. Amazon is a company that works hard to charge you less. Facebook is a company that works hard to charge someone else more for access to you.

Jobs told me that Apple had held unsuccessful talks with Facebook about a variety of unspecified partnerships related to Ping. The reason, according to Jobs: Facebook wanted “onerous terms that we could not agree to,” related to connecting with Facebook friends on Ping.

Jobs let that word hang in the air and even raised a disdainful eyebrow when I asked what he meant, including whether Ping would incorporate connecting with Facebook or even using Facebook Connect, which would make it much easier to find friends to share music with.

“We could, I guess,” he shrugged without much enthusiasm for Ping and, most of all, for linking Apple customers with Facebook.

The linguistic trick Zuckerberg pulls here is that nowhere in the entire interview does he mention the words user or customer. He only says you (in the plural sense) and people. That’s a dodge, because unlike Apple — and Amazon — Facebook’s users are not its customers — and most of the controversies they are dealing with today all stem from the fact that they favored their customers (advertisers willing to pay ever-higher sums for ever-more-invasively-targeted ads) at the expense of their users.

This larger figure, which included over a million UK users, was buried in the penultimate paragraph of a blogpost by the company’s chief technology officer, Mike Schroepfer, published on Wednesday, which also provided updates on the changes Facebook was making to better protect user information.

Facebook now acknowledges it has a two-tiered privacy system in which regular users have to live with their dumb old texts forever and the CEO’s disappear into a memory hole. Let’s remember that next week when they tell Congress how seriously they take our privacy

The data consulting firm Cambridge Analytica, which harvested as many as 87 million Facebook users' personal data, also could have accessed the private inbox messages of some of those affected. Facebook slipped this previously undisclosed detail into the notifications that began appearing at the top of News Feeds on Monday. These alerts let users know whether they or their friends had downloaded a personality quiz app called This Is Your Digital Life, which would have caused their data to be collected and potentially passed on to Cambridge Analytica.

The framework was written to be a Swift-y way to validate App Store receipts.

This contains receipt verification code plus a semi-complete ASN.1 parser (but not emitter) because the ASN.1 reading functions that Apple ships actually cannot be used from Swift, due to badly annotated headers combined with an incredibly horrifying API (which they may have inherited from the standards body, to be fair).

Some of the entrepreneurs generously allowed us to talk about their pricing strategy publicly, to help the next generation of SaaS companies.

This advice is distilled from my career in running and consulting in various SaaS companies. Your mileage may vary; I’d encourage you to experiment often and boldly with pricing, as it is the easiest needle to move in your company. (The tendency of most SaaS companies is to set prices without much consideration and leave them alone for years at a time. I’d encourage you to revisit them quarterly.)

Except that the rMBP only had a 500GB SSD. How had it got two? “Have you got a Fusion drive in here?” the Genius asked.

[…]

At this point the Genius said he suspected there was something wrong with my SSD. So he restarted the machine, held down the key to boot from a network drive, whizzed over to the one marked 10.12 and started up. Could Disk Utility read my drive now? No, it couldn’t.

“Do you have this backed up?” he asked, indicating the computer. I sure did – SuperDuper clones, and a Time Machine backup. “I think we might need to reinstall the operating system.”

Apple obviously needs to implement some network drives formatted with APFS. Which might mean an overhaul of how it does some stuff in-store; but it should expect that there are going to be more and more people coming in with machines that are APFS-encoded.

According to Forbes, the GrayKey iPhone unlocker device is marketed for in-house use at law enforcement offices or labs. This is drastically different from Cellebrite’s overall business model, in that it puts complete control of the process in the hands of law enforcement.

[…]

Two iPhones can be connected at one time, and are connected for about two minutes. After that, they are disconnected from the device, but are not yet cracked. Some time later, the phones will display a black screen with the passcode, among other information. The exact length of time varies, taking about two hours in the observations of our source. It can take up to three days or longer for six-digit passcodes, according to Grayshift documents, and the time needed for longer passphrases is not mentioned. Even disabled phones can be unlocked, according to Grayshift.

After the device is unlocked, the full contents of the filesystem are downloaded to the GrayKey device. From there, they can be accessed through a web-based interface on a connected computer, and downloaded for analysis. The full, unencrypted contents of the keychain are also available for download.

The rising wait times and the phone erase function are built into the operating system. The operating system asks the Secure Enclave to do an unlock function, and when it returns an incorrect result the operating system won’t accept another attempt for a given time, and once 10 attempts are reached, sends a message to the Secure Enclave to purge its keys.

Based on the article, they have broken the chain of trust and are able to load their own operating system which can interact with the Secure Enclave directly and therefore doesn’t need to worry about those limits. It also looks like they haven’t penetrated the Secure Enclave itself, so the deliberate 80 ms minimum guess time within the Enclave itself is still intact (it takes them ~240 ms per guess based on the numbers they provide), which is good news - not everything is broken, just the weakest passwords (4-6 digit numeric)

This is basically what Apple admitted they could build for the FBI, but refused to comply and won in court saying they didn’t have to make this for them. This company either got ahold of Apple’s authentication keys to sign their “operating system” so the phone thinks it is legit and coming from Apple, or more likely they found a bug in the secure boot chain which lets them load and run their unsigned system.
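What the per-guess figures in the comment above mean for passcode choice, as an added example that is not part of the quoted comment or any vendor's code. The 80 ms and ~240 ms values come from the text; the one-year resistance target, the alphabet sizes and all function names are assumptions of this example.

```c
#include <inttypes.h>
#include <stdint.h>
#include <stdio.h>

/* Figures quoted in the text above. */
#define ENCLAVE_FLOOR_MS 80u   /* deliberate minimum time per guess */
#define OBSERVED_MS      240u  /* approximate per-guess time cited for the device */

/* Assumption for this example: a passcode should resist for one year. */
#define YEAR_MS (365ull * 24 * 60 * 60 * 1000)

/* Multiply without wrapping; saturate at UINT64_MAX instead. */
static uint64_t sat_mul(uint64_t a, uint64_t b) {
    if (a != 0 && b > UINT64_MAX / a) return UINT64_MAX;
    return a * b;
}

/* Number of possible passcodes: symbols^length. */
uint64_t keyspace(unsigned symbols, unsigned length) {
    uint64_t n = 1;
    for (unsigned i = 0; i < length; i++) n = sat_mul(n, symbols);
    return n;
}

/* Time to try every passcode, in milliseconds. */
uint64_t worst_case_ms(unsigned symbols, unsigned length, unsigned ms_per_guess) {
    return sat_mul(keyspace(symbols, length), ms_per_guess);
}

/* On average the right passcode turns up after half the keyspace. */
uint64_t expected_ms(unsigned symbols, unsigned length, unsigned ms_per_guess) {
    return worst_case_ms(symbols, length, ms_per_guess) / 2;
}

/* Shortest length whose expected search time reaches target_ms (0 if none up to 64). */
unsigned min_length_for(unsigned symbols, unsigned ms_per_guess, uint64_t target_ms) {
    for (unsigned len = 1; len <= 64; len++)
        if (expected_ms(symbols, len, ms_per_guess) >= target_ms) return len;
    return 0;
}

int main(void) {
    const unsigned lengths[] = {4, 6, 8, 10};

    printf("numeric passcode, worst case in hours\n");
    printf("%-8s %14s %14s\n", "digits", "at 240 ms", "at 80 ms");
    for (size_t i = 0; i < sizeof lengths / sizeof lengths[0]; i++) {
        double slow = worst_case_ms(10, lengths[i], OBSERVED_MS) / 3600000.0;
        double fast = worst_case_ms(10, lengths[i], ENCLAVE_FLOOR_MS) / 3600000.0;
        printf("%-8u %14.1f %14.1f\n", lengths[i], slow, fast);
    }

    /* Plan against the 80 ms floor, the best case the text leaves an attacker. */
    printf("digits needed for a 1-year expected search: %u\n",
           min_length_for(10, ENCLAVE_FLOOR_MS, YEAR_MS));
    printf("lowercase+digit characters needed:          %u\n",
           min_length_for(36, ENCLAVE_FLOOR_MS, YEAR_MS));
    return 0;
}
```

At 240 ms per guess a six-digit passcode is exhausted in 240,000 seconds, just under three days, which lines up with the figure from the Grayshift documents quoted earlier.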

GrayShift’s recently publicized “GrayKey” box designed to crack locked iPhones is seeing wide adoption among police forces and federal agencies across the United States according to a recent investigation by Motherboard.

Here’s an example of a visual glitch in the Messages app, caused by force-touching to “pop” a message followed immediately by tapping the back button.

These kinds of visual errors are not new to iOS 11, mobile apps, or user interfaces. As apps grow in complexity and user expectations rise, these seemingly small bugs can have a large impact on the final product. They make apps feel janky.

[…]

Be wary of animations that occur alongside the keyboard animation, and don’t assume you have full control over the keyboard. Hiding the keyboard without an animation is possible, but might cause complications later down the road.

[…]

If you are designing an element that animates between multiple states, make sure to consider all state transitions and edge cases.

Samsung’s customers aren’t asking for the headphone jack to be dropped, so the path of least resistance is to just keep the jack. But looking at what’s available on the market, a big problem facing Samsung (and the rest of the Android world) is that the USB-C headphone market is a mess — and expensive to boot. “No-name brand headphones at high prices” is a hard sell.

As much as AirPods are better (and cheaper) than standard Bluetooth earbuds, there is seemingly nothing close to Lightning EarPods on the market for USB-C. AirPods get all the attention, but Lightning EarPods are even further ahead of their USB-C competition. The proprietary nature of Lightning allowed Apple to make sure it was ready to serve as the wired audio connector for iPhones when Apple wanted it to be. Keep that in mind the next time you wonder why Apple doesn’t drop Lightning for USB-C.

Many of the former employees acknowledged for the first time that Apple rushed Siri into the iPhone 4s before the technology was fully baked, setting up an internal debate that has raged since Siri’s inception over whether to continue patching up a flawed build or to rip it up and start from scratch.

[…]

Several former employees said Mr. Williamson made a number of decisions that the rest of the team disagreed with, including a plan to improve Siri’s capabilities only once a year.

[…]

Mr. Williamson wrote that he tried to get the team to implement SiriKit and allow for outside developers to improve Siri’s functionality, but the team resisted because Siri’s “original software was so brittle and inflexible.”

[…]

The Siri Data Services team was eventually lumped into the Topsy team under Mr. Prakash with the plan to integrate all of the tech into a single stack. But they’re based on two different programming languages and are tricky to reconcile. […] Users could get completely different responses to the same question based on whether they were using Siri or Spotlight[…]

[…]

Several members on the Siri team took an immediate disliking to Mr. Sinha, who had no background in the natural language processing world. One former employee said Mr. Sinha’s decisions seemed to be driven by office politics instead of science.

[…]

In a sign of how unprepared Apple was to deal with a rivalry, two Siri team members told The Information that their team didn’t even learn about Apple’s HomePod project until 2015—after Amazon unveiled the Echo in late 2014.

None of this is surprising based on what we’ve seen from the outside. Unfortunately, I do not see any evidence that Siri is about to turn the corner.

If you’re not a subscriber and want to read the full article — and I encourage you to, there’s a lot in it — you can do so with this shared link if you’re willing to give The Information your email address.

[…]

The gist of The Information’s story is that Siri has existed for seven years without cohesive leadership or product vision, and the underlying technology is a mishmash of various systems that don’t work well together.

“After launch, Siri was a disaster,” Mr. Williamson wrote. “It was slow, when it worked at all. The software was riddled with serious bugs. Those problems lie entirely with the original Siri team, certainly not me.”

This statement, wholly false, was made by the architect and head of the biggest launch disaster in Apple history, Apple Maps. In reality Siri worked great at launch but, like any new platform under unexpectedly massive load, required scaling adjustments and 24 hour workdays.

This matches my experience that Siri was more responsive initially. But I don’t understand why the load was unexpectedly massive. It required an iPhone 4S, and Apple must have known how many of those it could make.

@AppleSupport @tim_cook Can you guys please make Siri responses A) consistent; B) straight and to the point, not cutesy. It is really irritating to hear meaningless filler like “the suspense is killing me” when setting a timer. Thanks.

Following last month’s release of HomePod, which puts Siri inside of a $349 smart speaker, Apple appears to be ramping up Siri hiring. According to hiring data tracked by Thinknum, job openings for Siri-related positions at Apple are at an all-time high…

Apple’s job listings indicate that it currently has 161 openings for jobs that contain the term “Siri” in their title or description.

YouTube will accompany conspiracy theory videos with links to Wikipedia to better inform viewers, YouTube CEO Susan Wojcicki announced at the South by Southwest (SXSW) conference on Tuesday in Austin, Texas.

[…]

Wikipedia is a crowdsourced digital encyclopedia — anyone can edit it — and editors sometimes engage in fierce partisan battles over divisive topics. It remains unclear how YouTube will ensure factual accuracy of suggested pages. The reliability of Wikipedia’s information has been disputed over the years, as detailed on the encyclopedia’s page about its own reliability and its catalogue of hoaxes that have appeared there.

Similarly unclear is how “informational cues” might work for breaking news events, where subjects involved may not have a complete or even partial Wikipedia presence.

It’s unclear why YouTube didn’t feel the need to ask or inform Wikimedia about its plans ahead of this week’s announcement. That’s a pretty crucial piece of information not to share. And given that YouTube has failed at efficiently moderating conspiracy theories on its platform, it might have been smart to consult with Wikimedia about how to best use its resources to fight misinformation. Of course, maybe YouTube would’ve learned that showing users a Wikipedia link isn’t the best way to fight hoaxes.

It jumps back by up to a few seconds after having been paused to help remind you of the conversation.

It slightly adjusts resumes and seeks to fall in the silences between spoken words when reasonably possible.

[…]

I was using an NSNumberFormatter to read the total [time saved] value from Overcast’s server as a double. My server always sends values with U.S.-style number formatting, using a period as the decimal separator (e.g. “1234.5”). But by default, NSNumberFormatter uses the device’s locale, so in countries that use a comma as the decimal separator (e.g. “1234,5”), it was interpreting the server’s numbers with periods as invalid and returning zero. So the Settings screen thought they hadn’t saved any time, and hid the time-saved label.

Fortunately, it was an easy fix: setting that NSNumberFormatter locale to en_US to match what the server was sending.

Overcast’s new Smart Resume feature has allowed me to turn voice turn-by-turn directions back on in Google Maps. Driving is easier (and safer – I don’t look down for next turn). I swear I’m not just saying this either. Honest truth.

Very small wins make products.

It’s amazing how much better Overcast—from a solo developer—still is than Apple’s Podcasts app. If anything, its lead seems to be increasing.

Finance Minister Bruno Le Maire said Wednesday France will take legal action against Google and Apple and fines could be in the “million of euros”. Fines are likely to be about 2 million euros ($2.5 million) per company, accused of taking advantage of local developers. This comes after a two-year investigation by the ministry’s fraud repression unit, according to an official in Le Maire’s office.

“I learned that when developers develop their applications, and sell to Google and Apple, their prices are imposed, Google and Apple take all their data, Google and Apple can unilaterally rewrite their contracts,” Le Maire said in an interview with RTL radio. “All that is unacceptable and it’s not the economy that we want. They can’t treat our startups and developers the way they do.”

I sure hope the actual suit is drawn from better information than what we’ve been given here, because while I’m on the record as deeming the current system of exclusive distribution through an app store (something which Google isn’t even guilty of) as being unsustainable in the long run, to have any hope of improving the situation through a suit Apple should be blamed for things it is actually doing. For instance, developers do not sell their wares to Apple (or Google) by any definition of that word, they do have to use a price grid but have full latitude to pick any spot in that grid, and Apple at least does not get that much data from apps.

I’m confused as to why so many reporting on this seem to be confused about the pricing comment. I would have expected it to be about price tiers and not being able to set specific prices, not about the 30% cut

In its statement, Apple explained that it has a relationship with “tens of thousands” of developers in France, who have collectively earned over 1 billion euros via the App Store. The company highlights how developers can start with a company of one or two people, but ultimately grow to a full team.

As much as it pains me to say this, Gene Munster was right. For years the former Piper Jaffray analyst was routinely mocked because at every Apple investor call, he would ask Apple leadership if they were planning to make an Apple-branded smart TV set. But after weeks of fighting to get HDR working with my Apple TV 4K, I’m convinced that if Apple intends to succeed in the TV business, the best thing to do would be to ship a television set that just worked. I’ve been writing and updating “Take Control of Apple TV” for four years now, so I know that if I’m flummoxed, the average user has little hope.

[…]

Imagine: no calibration, no special settings, nothing to twiddle with! Just sit down and watch TV in the best possible quality. Sure, it wouldn’t be Apple’s most profitable business, but neither is the current Apple TV.

Until that day comes, I’ve seen my family relying more and more on my Chromecast Ultra. It has no interface, and no settings as such — it just works.

Kingsley-Hughes determined — based on Apple’s claim that an iPhone battery is “designed to retain up to 80 percent of its original capacity at 500 complete charge cycles” — that his phone would hit 500 charges in about a year and a half. Most phones are expected to keep a charge at 80 percent for two or three years of use.

In about six months, he’s already hit 135 charging cycles. He looked at his charging behavior and realized that since switching over to a wireless charging plate about six months ago, he was eating up his charges at an alarming rate. Now instead of the cord bearing the brunt of power duties, his battery is constantly working to charge. It’s a losing battle.

I’d like to say I got the setup right the third time, but I didn’t, though I think it helped me understand better why groups are so deeply buried in Home’s UI. I had forgotten that after a group is set up, its component accessories are no longer available in Home’s UI. This makes sense if you have a lamp with two bulbs in it that you always want to come on at the same time and behave in the same way, but it’s a limitation that greatly reduces the utility of groups because it means the individual accessories that make up a group cannot be added separately to scenes. I backed out of the partially built scene realizing that I had to reconfigure my group.

The solution was to ungroup my desk lamp from the rest of my lights in the studio and set up a scene that turns the desk lamp red and a workflow that triggers that scene when the back door opens. The trouble is, scenes have a very limited concept of state so my lamp can’t be toggled back to its prior color using an automation workflow or by toggling the scene manually. I could add a timer to the automation to turn the desk lamp off after a certain amount of time, but I don’t want to turn off the light, I want to turn off the scene, and you cannot attach timers to scenes. Instead, I needed another scene to return the desk lamp to its original settings.

You probably get the point by now. Home is both too complex because of the way it splits things into rooms, zones, groups, scenes, and automations and too simple because it lacks features like robust state awareness and, in some places, timers. However, the problems with the Home app run even deeper. They are compounded by a generic UI and complex navigation.

The app is Calendar 2, a scheduling app that aims to include more features than the Calendar app that Apple bundles with macOS. In recent days, Calendar 2 developer Qbix endowed it with code that mines the digital coin known as Monero. The xmr-stack miner isn’t supposed to run unless users specifically approve it in a dialog that says the mining will be in exchange for turning on a set of premium features. If users approve the arrangement, the miner will then run. Users can bypass this default action by selecting an option to keep the premium features turned off or to pay a fee to turn on the premium features.

[…]

“On the one hand, using the user’s CPU for cryptomining has become extremely unpopular,” Thomas Reed, director of Mac offerings at antimalware provider Malwarebytes, told Ars. “The fact that this is the default is something I don’t like. I would want to see a legit app informing the user in advance or making it an option that can be turned on but is off by default. On the other hand, they [the developers] do disclose that they are doing it and give other options for people who don’t like it. My personal feeling on this is that, given the disclosure, I think the user should be allowed to make their own choice. Some people might be perfectly willing to let an app like this mine cryptocurrency so that they can use it for free.”

[…]

In an e-mail sent about 90 minutes after this post went live, Magarshak said he has decided to remove the miner from future versions of Calendar 2.

Hooray for honestly I guess!? And is getting “all advanced features for free” in return for allowing the app to turn your box into a cryptocurrency miner a fair deal? Maybe? But users clearly are not stoked about this[…]

Apple pulled Calendar 2 from the Mac App Store yesterday, and today, Qbix CEO Greg Magarshak tells 9to5Mac that it was because it violated App Store guideline 2.4.2, which states: “Design your app to use power efficiently. Apps should not rapidly drain battery, generate excessive heat, or put unnecessary strain on device resources.”

Magarshak says that within an hour Qbix had removed all mining features and worked with Apple to expedite putting the app back on the App Store. It is now offering both new and preexisting users a free year of premium features. He also says that in the three days the app was mining, it earned about $2,000 worth of Monero[…]

Debugging can be exciting, but often also very, very frustrating. In this talk, I’ll show you some lesser-known tools and techniques to find problems faster and make the compiler show you issues, before they become a crash for your users. Of course we also look at some real world examples.

In 1991, Apple released QuickTime, the first mass-market digital video software for personal computers. QuickTime is a multimedia platform for developers to add audiovisual recording, editing, and playback to their applications. Because it was built into the Macintosh operating system, users did not need to buy more hardware or software to play video. QuickTime became the most widespread media format on PCs after Apple brought it to Windows, and its incorporation into the MPEG-4 standard, used in every cell phone, computer, and set top video player today, cemented Apple’s position as a leading provider of media creation technology. How was QuickTime created? What role did it play in Apple’s history? And what impact does it have today?

Center for Software History curator Hansen Hsu leads a conversation with members of the original QuickTime team about the creation of QuickTime, its evolution, and its impact on the computer and media industries.

We have to limit our delegate to class implementations because delegates are assumed to hold mutable state.

[…]

So rather than holding our strategy’s implementation in instance methods that need to be instantiated, we’re going to move it all up into type methods on the type.

[…]

If all this .Type and .self stuff feels a little awkward, it’s probably because Swift already supports this kind of thing as a language feature. It has a specific syntax just for passing around types that are used to specialize implementations. We know it as “generics”.

However, a key difference is that, unlike delegates, the type cannot change at runtime.

In 2008 Siri began as spin-off of SRI International, where Winarsky was the President, and eventually launched as an app for iOS in February 2010. Two months later Apple acquired Siri, and just over a year after that introduced it within the iPhone 4s, shutting down the standalone app shortly thereafter. Seven years later, Winarsky said that Siri’s capabilities have fallen short of his earlier predictions for where he thought the assistant, and Apple’s development, would end up.

Specifically, Winarsky’s comments focus on what Siri’s intention was “pre-Apple” versus where the assistant is today. According to the co-founder, Siri was originally meant to be incredibly intelligent in just a few key areas -- travel and entertainment -- and then “gradually extend to related areas” once it mastered each. Apple’s acquisition pivoted Siri to an all-encompassing life assistant, and Winarsky said that this decision has likely led Apple to search “for a level of perfection they can’t get.”

For fun and frustration, I tried all of the original commands featured in that eight year old video on my iPhone[…]

[…]

What’s clear to me is that the Siri of eight years ago was, in some circumstances, more capable than the Siri of today. That could simply be because the demo video was created in Silicon Valley, and things tend to perform better there than almost anywhere else. But it’s been eight years since that was created, and over seven since Siri was integrated into the iPhone. One would think that it should be at least as capable as it was when Apple bought it.

On the 20th anniversary of HyperCard’s discontinuation, I want to pay tribute to the programming tool that started it all.

[…]

Please make your stack using the Classic size template so that it is playable on older machines and in Mini vMac. While you’re free to use color, I’d recommend against it so that you can guarantee how your stack will look on all machines.

Once you’ve finished your stack, please compress it in StuffIt to preserve any resource forks or other extended attributes.

This last part is not really necessary except for nostalgia. Other formats such as disk images and .zip and .tar archives also support resource forks, and HyperCard does not need any extended attributes.

There's a few modern variants, but nothing I know of that works[…] So everyone just gives up and uses emulation, because making a new Hypercard is impossible. If you're going to do that, do it the easy way:

States aren’t pinning all their hopes on successfully suing the FCC: several are working to enact their own net neutrality laws, and this week Washington became the first state to put such a law in the books.

[…]

Going for the purse strings is a nice idea — and very likely ducks under the FCC’s preemption authority — but broadband operators are already used to dealing with innumerable state and local utility commissions. It’s the sort of thing that can be sidestepped with shell companies and finagling — and in markets like New York, Texas, and California, there’s more than enough money at stake for broadband operators to do just that. In smaller markets, broadband operators may simply choose not to comply, effectively holding improved Internet service hostage until regulators relent. That too would hurt users — and, of course, state services like schools and educational institutions.

[…]

Notice who isn’t participating in this debate? Major Internet companies like Google, Facebook, Amazon, and Apple. All these firms took public stances in favor of net neutrality — because it helps their businesses — but have been remarkably silent on state efforts to preserve some semblance of net neutrality.

Some states are trying to evade the federal preemption with indirect measures that apply only to ISPs that accept state contracts. No one knows for sure how a court would rule on state bills that regulate net neutrality directly. Even legal analysts who support net neutrality laws disagree on whether such laws would survive lawsuits filed by ISPs.

Van Schewick argues that the FCC’s preemption claims are invalid.

“While the FCC’s 2017 Order explicitly bans states from adopting their own net neutrality laws, that preemption is invalid,” she wrote. “According to case law, an agency that does not have the power to regulate does not have the power to preempt. That means the FCC can only prevent the states from adopting net neutrality protections if the FCC has authority to adopt net neutrality protections itself.”

I removed every third-party dependency, to exclude the possibility that the problem is not in our code.

[…]

Move suspicious pieces to an empty project

[…]

The code was fairly slim at this point - a few thousand lines of parsing 3D models into all kinds of data structures. Nothing concurrent, everything running synchronously. I wanted to try and look at the crash site again. Even though I knew the cause of the heap corruption could be elsewhere, seeing the stack trace in the same piece of code every time made me want to look closer there.

The pattern I started to see was that there was always a Dictionary involved, and there was always a simd type such as double3 in the dictionary.

[…]

But what if.. what if it’s really a Swift bug? 🙀

[…]

When their elements had unusually wide alignments, storage for the standard library’s collection types was not guaranteed to be always allocated with correct alignment. If the start of the storage did not fall on a suitable address, Dictionary rounded it up to the closest alignment boundary. This offset ensured correct alignment, but it also meant that the last Dictionary element may have ended up partially outside of the allocated buffer — leading to a form of buffer overflow. Some innocuous combination of OS/language/device parameters probably caused this issue to trigger more frequently — which is probably why it became noticeable on particular devices running iOS 11.
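The failure mode described above, modelled as an added example (this is not Swift standard library code): storage sized as exactly count times stride whose start is then rounded up to the alignment boundary, beside a sizing that reserves the worst-case padding. The 32-byte stride and alignment and the sample addresses are constructed values, and all function and type names are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Round addr up to the next multiple of align (align must be a power of two). */
static uintptr_t round_up(uintptr_t addr, size_t align) {
    return (addr + (align - 1)) & ~(uintptr_t)(align - 1);
}

/* Flawed sizing: assumes the allocator already returns suitably aligned memory. */
size_t naive_size(size_t count, size_t stride) {
    return count * stride;
}

/* Hardened sizing: reserve the worst-case alignment padding and reject
 * arguments that are not a power-of-two alignment or that overflow size_t. */
int padded_size(size_t count, size_t stride, size_t align, size_t *out) {
    if (align == 0 || (align & (align - 1)) != 0) return -1;
    if (stride != 0 && count > SIZE_MAX / stride) return -1;
    size_t bytes = count * stride;
    if (bytes > SIZE_MAX - (align - 1)) return -1;
    *out = bytes + (align - 1);
    return 0;
}

/* Bytes by which the last element extends past the allocation once the first
 * element has been moved up to an aligned address. 0 means in bounds. */
size_t overhang_bytes(uintptr_t base, size_t alloc_size,
                      size_t count, size_t stride, size_t align) {
    uintptr_t first = round_up(base, align);
    uintptr_t end_of_elems = first + count * stride;
    uintptr_t end_of_alloc = base + alloc_size;
    return end_of_elems > end_of_alloc ? (size_t)(end_of_elems - end_of_alloc) : 0;
}

/* Aligned element storage that keeps the raw pointer for free(). */
typedef struct {
    void  *raw;    /* pointer returned by malloc */
    void  *elems;  /* first element, aligned */
    size_t size;   /* bytes actually allocated */
} aligned_buf;

int aligned_buf_init(aligned_buf *b, size_t count, size_t stride, size_t align) {
    size_t size;
    if (padded_size(count, stride, align, &size) != 0) return -1;
    b->raw = malloc(size);
    if (b->raw == NULL) return -1;
    b->elems = (void *)round_up((uintptr_t)b->raw, align);
    b->size = size;
    return 0;
}

int main(void) {
    /* Constructed case: 4 elements of 32 bytes needing 32-byte alignment,
     * and an allocator that returned an address aligned to only 16. */
    const size_t count = 4, stride = 32, align = 32;
    const uintptr_t base = 0x1010;

    printf("naive sizing:  %zu bytes past the end\n",
           overhang_bytes(base, naive_size(count, stride), count, stride, align));

    size_t padded = 0;
    if (padded_size(count, stride, align, &padded) == 0)
        printf("padded sizing: %zu bytes past the end\n",
               overhang_bytes(base, padded, count, stride, align));

    aligned_buf b;
    if (aligned_buf_init(&b, count, stride, align) == 0) {
        printf("real allocation: elems aligned=%d, overhang=%zu\n",
               (int)((uintptr_t)b.elems % align == 0),
               overhang_bytes((uintptr_t)b.raw, b.size, count, stride, align));
        free(b.raw);
    }
    return 0;
}
```

The naive case only overruns when the allocator happens to return a misaligned base, which is why a bug of this shape can stay hidden until the platform or allocation pattern changes.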

I’m sure I heard somewhere that "\(foo)\(bar)" is the recommended way to do string concatenation in Swift, but I benchmarked it and it’s almost 100x slower than using + or String.append().

I know I’ve heard that as well. I assumed it was taken as a hint to figure out the proper allocation size up front. But currently it’s slower because the interpolated elements are not assumed to be strings.

Running on the phone, the + method is almost 70 times faster, which is a significant difference when concatenating a large number — 100 million — strings. If you’re concatenating far fewer strings, your better bet is to go with the option that gives you the more readable, editable code.

His original test measured foo = "\(foo)bar" vs. foo += "bar", which is not what I would have expected from the tweet’s description. The latter is 100x faster because Swift is able to mutate the string rather than create a new one. The benchmark code is here.

I measured baz = "\(foo)\(bar)" vs. baz = foo + bar, which is what I thought he was originally talking about (i.e. not building up a giant string), and found the latter to be about twice as fast, perhaps because of the overhead that Groff mentioned.

Devilla measured newString = "\(string1) \(string2)" vs. newString = string1 + " " + string2 and found the latter to be 70x faster. I tried to reproduce this but found less than 10% difference in the opposite direction. In other words, interpolation was slightly faster. However, I am using Swift 4, and he was using Swift 2.

Most smartphone cameras have wide-angle lenses, says The Verge’s creative director James Bareham, and close-ups with wide-angle lenses cause distortion that makes objects closer to the camera — like, say, a nose — look larger. “It’s kind of one of the basics of photography: don’t shoot portraits on a wide-angle lens because you will look terrible,” Bareham says.

Steve Jobs, one of the computer industry’s foremost entrepreneurs, gives a wide-ranging talk to a group of MIT Sloan School of Management students in the spring of 1992. Jobs shares his professional vision and personal anecdotes, from his role at the time as president and CEO of NeXT Computer Corporation, to the thrilling challenges of co-creating Apple Computer, and subsequent disappointments at his ousting. In conversational exchanges with audience members Jobs underscores the value of direct experience in the field, and “developing scar tissue.”

Ted Koppel, Bettina Gregory, and Ken Kashiwahara present news stories from 1981 on the relevancy of computers in every day life and how they will affect our future. Included are interviews with Apple Computer Chairman Steve Jobs and writer David Burnham.

Did you know that hidden within Photoshop CC are a number of “easter eggs” that customize the photo editing app in wacky ways? Three that you can activate in the latest version of Photoshop CC are “Layer Monkey,” the “Banana Toolbar,” and “Coffee & Toast.”

Here’s a quick look at how you find each one (keep in mind that these are entirely for fun, i.e. completely useless)[…]

Apple appears to be finally pulling the plug on its iTunes LP format this year. For music sold in the iTunes Store, iTunes LP has served as a useful but not popular digital solution for including a rich multimedia experience with digital music.

Like physical records and CDs, iTunes LP content can include lyrics, photos, and liner notes as well as access to video — but the format has never been optimized for iPhone and iPad. The special iTunes format has been around for almost ten years but only around 400 albums have used it.

I’m not quite sure whether iTunes LP was a bad idea or simply one that neither Apple (aside from Steve Jobs?) nor the music producers actually had much interest in. How else to explain that Apple never brought it to iPad?

But, these days, those extras don’t require a specific packaged format. Videos are streamed for the one or two times most people watch them, and lyrics are just a scroll away for many Apple Music tracks. The world moved beyond iTunes LP. And the remaining things it offered — like exquisite artwork on gorgeous poet, and that sense of a packaged product — simply can’t be replicated effectively on a screen.

I think this signals less “whether iTunes LP was a bad idea” (though the skeuomorphism Jobs loved is slowly dying out from the ’OSes) than “someone’s paying attention to scaling down iTunes”. I think they’re slowly moving towards killing music sales, no matter what Sellers at AWT thinks. ;^D

The main reason for us to leave the App Store is greater flexibility in pricing. For example, we are now able to offer a 50% discount to students, teachers and other members of educational institutions. That is something we simply couldn’t do before, and we feel it’s essential to reflect the realities of how and why people use Deckset.

There also is a 20% discount for teams buying either 5 or 10 copies of Deckset in bulk.

[…]

Since Deckset will now live independently of the Mac App Store (and hence, its tedious submission and review process) we will also be able to release updates much more frequently.

There were a lot of surprises in that early version of UIKit. It took forever to find the XML parser because it was buried in the OfficeImport framework. And some important stuff was completely missing: there was no way to return a floating point value with Objective-C.

There were also strange engineering decisions. You could put arbitrary HTML into a text view, which worked fine with simple tags like <b>, but crashed with more complex ones. Views also used LKLayer for compositing, which was kinda like the new Core Animation in Mac OS Leopard, but not the same.

I decided to compare SpringBoard from iPhoneOS 1 to SpringBoard on iOS 11.3 (b4). Binary size back then: 691KB. Now: 11,5MB. Classes back then: 145. Classes now: 1418. The only thing I could find that’s not changed are two instance variables on the SpringBoard class.

Parsing is one of the most thoroughly explored topics in computer science, but building parsers that give high-quality diagnostics and user feedback is still largely folk art. Here are some observations on how parsers can be constructed in a way that makes it easier to recover from parse errors, produce multiple diagnostics in one pass, and provide partial results for further analysis even in the face of errors, providing a better experience for user-driven command line tools and interactive environments.

[…]

Thinking about it a different way, we want parsing to always succeed at producing some kind of structured result. The result can contain error nodes inside it, but the error nodes don’t have to replace the entire result. How do we make a parser that always succeeds, and how exactly do we recover when we find a parse error? We can look at both problems from the perspective of designing the grammar. Effectively, we want to take a grammar and extend it to make it total, so that every string matches a rule, by adding rules for erroneous inputs.

[…]

If you’re designing a grammar from scratch, it’s also good to think about how your grammar can be parsed in a recoverable way, by considering what kinds of errors or incomplete edits users may make, and what kinds of synchronization points you can design into the grammar so that a parser can recover from malformed input.
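The idea in the excerpt above (a grammar made total with error rules, plus synchronization points) can be shown with a small recursive descent parser. This is an added example, not code from the quoted article; the toy `let` grammar, the node shapes and all names are assumptions made for illustration.

```python
import re

# One token per match: numbers, identifiers, the operators = + ;, or any other
# non-space character (kind BAD), so lexing itself can never fail.
TOKEN_RE = re.compile(r"\s*(?:(?P<NUM>\d+)|(?P<ID>[A-Za-z_]\w*)|(?P<OP>[=+;])|(?P<BAD>\S))")

def tokenize(src):
    src, pos, tokens = src.rstrip(), 0, []
    while pos < len(src):
        m = TOKEN_RE.match(src, pos)
        tokens.append((m.lastgroup, m.group(m.lastgroup), m.start(m.lastgroup)))
        pos = m.end()
    return tokens

class Parser:
    """Toy grammar: stmt := 'let' ID '=' expr ';'   expr := term ('+' term)*"""

    def __init__(self, src):
        self.toks, self.i, self.diagnostics = tokenize(src), 0, []

    def peek(self):
        return self.toks[self.i] if self.i < len(self.toks) else ("EOF", "", -1)

    def accept(self, kind, text=None):
        k, t, _ = self.peek()
        if k == kind and text in (None, t):
            self.i += 1
            return t
        return None

    def diagnose(self, msg):
        _, found, offset = self.peek()
        self.diagnostics.append((offset, msg, found))

    def recover(self, msg):
        """Report, skip to a synchronization point, and return an error node."""
        self.diagnose(msg)
        skipped = []
        while True:
            k, t, _ = self.peek()
            if k == "EOF" or (k, t) == ("ID", "let"):
                break                      # resume at the start of the next statement
            self.i += 1
            if (k, t) == ("OP", ";"):
                break                      # consumed the statement terminator
            skipped.append(t)
        return ("error", msg, skipped)

    def parse_term(self):
        num = self.accept("NUM")
        if num is not None:
            return ("num", int(num))
        name = self.accept("ID")
        return ("var", name) if name is not None else None

    def parse_expr(self):
        left = self.parse_term()
        while left is not None and self.accept("OP", "+") is not None:
            right = self.parse_term()
            if right is None:
                return None
            left = ("+", left, right)
        return left

    def parse_stmt(self):
        if self.accept("ID", "let") is None:
            return self.recover("expected 'let'")
        name = self.accept("ID")
        if name is None:
            return self.recover("expected a name after 'let'")
        if self.accept("OP", "=") is None:
            return self.recover("expected '='")
        expr = self.parse_expr()
        if expr is None:
            return self.recover("expected an expression")
        if self.accept("OP", ";") is None:
            self.diagnose("expected ';'")  # keep the statement, report the omission
        return ("let", name, expr)

def parse(src):
    """Always returns a tree; malformed statements become ('error', ...) nodes."""
    p, tree = Parser(src), []
    while p.peek()[0] != "EOF":            # every parse_stmt call consumes a token
        tree.append(p.parse_stmt())
    return tree, p.diagnostics

# Constructed input with three different mistakes.
SAMPLE = "let a = 1 + 2;\nlet = 3;\nlet b = a + ;\nlet c = 4\nlet d = c + 1;\n"

if __name__ == "__main__":
    tree, diagnostics = parse(SAMPLE)
    print(tree)
    print(diagnostics)
```

One pass over the sample yields five nodes and three diagnostics: the two malformed statements become error nodes, and the statement missing its `;` is kept with a diagnostic attached.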

Yeah, even though whitespace isn’t formally significant most people well-indent their code in practice. I think recent GCC uses indentation as a hint to match up imbalanced { } pairs; Clang and Swift should do the same

My first rule: don’t use a generated parser. The effort in making a hand-written recursive descent parser will pay itself off many times over in maintenance.

Parser combinators are awesome for getting something working, but tend to produce a lot of allocations. For a production compiler, I think the amortized cost of rolling your own is so low I wouldn’t look for a library to help.

Apple products are designed to do amazing things. And designed to protect your privacy.

At Apple, we believe privacy is a fundamental human right.

And so much of your personal information — information you have a right to keep private — lives on your Apple devices.

Your heart rate after a run. Which news stories you read first. Where you bought your last coffee. What websites you visit. Who you call, email, or message.

Every Apple product is designed from the ground up to protect that information. And to empower you to choose what you share and with whom.

I don’t find Safari’s privacy options very empowering. There are lots of features to protect you from the sites you visit, but that’s only half the story. Safari’s user interface doesn’t mention which user data is sent to Apple’s servers. In fact, iCloud stores your bookmarks and Reading List, open tabs, and even your full browsing history (excluding private windows).

There is no granular control. If you want to sync your bookmarks or use Reading List to move the occasional link from your iPhone to your Mac, you also have to enable history syncing.

The history data is only secured by your Apple ID password, which means that Apple has full access to it. And there have been bugs where deleted history was not actually deleted.

With Chrome, your data syncs to Google if you create an account and log in. With Safari, you never really get a chance to opt in. macOS strongly encourages you to sign into iCloud during installation, and many apps won’t work without having it enabled in some fashion. You can opt out of iCloud’s Safari features, if you know to look for the checkbox tucked away in System Preferences.

I appreciate the granularity Chrome enables with their syncing, even amongst individual instances. I can sync my themes and extensions on my work computer without syncing my browse history, for example.

It confounds me that Safari still doesn’t sync extensions between Macs.

I won’t bore you with long intros, suffice it to say that I filed a GDPR request with Apple to obtain all the data associated with my Apple ID account and I was surprised to see that it contained a log filled with my browsing history spanning the last 4 years of my Safari usage, containing 5,083 URLs and timestamps.

[…]

Clearing your browsing history with this feature turned on seems to clear it locally from all your devices, but there is a chance that a sizable part of this data stays in a hidden / difficult-to-access log stored on Apple’s servers.

There is currently no user-facing way of seeing or deleting that data apart from contacting Apple through a web form and hoping they will comply.

I still use iTunes to sync music to my iPhone, like an animal, and stream from the phone to a Logitech Bluetooth speaker. So I can use Siri to play my own music for free. Right now, I use my own phone for this, but the downside is that as I move around there can be interference or I can get totally out of range. Also, my iPhone SE is full, so much of my music doesn’t fit on it. It might be better to dedicate an old iOS device as a stationary music controller, but that would make controlling it less convenient.

The other option, which I’ve used in the past, is to stream from iTunes on my Mac to the Bluetooth speaker. This can be controlled from the Remote app on my phone, but that is slower and less nice than Cesium and doesn’t work with Siri.

Our downloads really were slow — but seemingly only to Comcast users, and only during peak internet usage times. Something was up.
At first we thought, maybe Comcast bandwidth is just naturally more congested in the evening as people come home from work and begin streaming Netflix, etc. But that didn’t explain why the connections to our Linode control server from Comcast, during the exact same time windows for each tester, were downloading with good speeds.
We wondered, is Comcast intentionally “throttling” Cogent customers? And if so, why?

[…]

It felt like there was no way this should have worked. If I had to guess, I’d say it’s simple: in the middle of a serious ongoing debate over net neutrality, the last thing Comcast wanted to look like was a network-throttling bad guy in this blog post. But then again, maybe I’m still being too cynical — maybe they just saw a problem they hadn’t noticed and fixed it. (But really, did they really not notice that pipe was full until I asked? Surely there are network monitoring tools?) Frankly, I have to stop thinking about it, because I’ll never know. But no matter the reason, I’m very grateful: thanks for listening to us, Comcast.

At this point I can’t see myself switching back to Mac OS. There is only one task (MoneyWell) that I haven’t been able to achieve with my new Linux or FreeBSD systems.

[…]

Over the year I think what I value in an operating system has shifted. I went in valuing design, consistency, and attention to detail. I definitely still value those things but I think I’ve softened on them. I’m willing to settle for a few rough edges. In return I get:

Systems that are always up to date

More hardware options

Upgradeable hardware

The ability to build an environment that works for me

“The freedom to study how the program works, and change it so it does your computing as you wish”.

That last one has come as a bit of a surprise. I’ve always been a fan of open source but was happy to use well-made proprietary software. It turns out that when a huge portion of your system is open source your perspective changes. Jumping through hoops to install proprietary software (that’s not in the system package repos) is kind of a drag, and feels sort of wrong for the system.

There’s also something wonderful about public bug trackers. You can search and track the progress of an issue instead of just submitting it into the void.

Akamai defended against the attack in a number of ways. In addition to Prolexic’s general DDoS defense infrastructure, the firm had also recently implemented specific mitigations for a type of DDoS attack stemming from so-called memcached servers. These database caching systems work to speed networks and websites, but they aren’t meant to be exposed on the public internet; anyone can query them, and they’ll likewise respond to anyone. About 100,000 memcached servers, mostly owned by businesses and other institutions, currently sit exposed online with no authentication protection, meaning an attacker can access them and send them a special command packet that the server will respond to with a much larger reply.

Unlike the formal botnet attacks used in large DDoS efforts, like against Dyn and the French telecom OVH, memcached DDoS attacks don’t require a malware-driven botnet. Attackers simply spoof the IP address of their victim and send small queries to multiple memcached servers—about 10 per second per server—that are designed to elicit a much larger response. The memcached systems then return 50 times the data of the requests back to the victim.
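A defender's view of the pattern described above, as an added example that is not part of the quoted article: it scans flow records for UDP exchanges on memcached's default port (11211) where replies dwarf requests and one address is the apparent "client" of many servers. The record format, thresholds, function names and sample data are assumptions constructed for illustration.

```python
from collections import defaultdict

MEMCACHED_PORT = 11211  # memcached's default port (known default, not from the article)

# Constructed flow records using documentation address ranges, one per line:
#   epoch_second proto src_ip:src_port dst_ip:dst_port bytes
SAMPLE_FLOWS = """\
1000 udp 203.0.113.9:40000 192.0.2.10:11211 60
1000 udp 192.0.2.10:11211 203.0.113.9:40000 3000
1000 udp 203.0.113.9:40001 192.0.2.11:11211 60
1000 udp 192.0.2.11:11211 203.0.113.9:40001 3000
1001 udp 203.0.113.9:40002 192.0.2.12:11211 60
1001 udp 192.0.2.12:11211 203.0.113.9:40002 3000
1001 udp 198.51.100.20:41000 192.0.2.10:11211 100
1001 udp 192.0.2.10:11211 198.51.100.20:41000 150
1001 tcp 198.51.100.7:51000 192.0.2.10:11211 200
1001 tcp 192.0.2.10:11211 198.51.100.7:51000 900
"""

def parse_flows(text):
    """Parse the record format above, skipping blank lines and '#' comments."""
    flows = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        ts, proto, src, dst, nbytes = line.split()
        src_ip, sport = src.rsplit(":", 1)
        dst_ip, dport = dst.rsplit(":", 1)
        flows.append({"ts": int(ts), "proto": proto.lower(),
                      "src": src_ip, "sport": int(sport),
                      "dst": dst_ip, "dport": int(dport), "bytes": int(nbytes)})
    return flows

def amplification_by_pair(flows):
    """Map (server, client) -> (request_bytes, reply_bytes, ratio) for UDP only.

    A capture that contains replies but no requests (the victim's vantage
    point) yields an infinite ratio, which is still reported.
    """
    totals = defaultdict(lambda: [0, 0])
    for f in flows:
        if f["proto"] != "udp":
            continue  # the reflection pattern relies on spoofable UDP
        if f["dport"] == MEMCACHED_PORT:
            totals[(f["dst"], f["src"])][0] += f["bytes"]
        elif f["sport"] == MEMCACHED_PORT:
            totals[(f["src"], f["dst"])][1] += f["bytes"]
    return {pair: (req, rep, rep / req if req else float("inf"))
            for pair, (req, rep) in totals.items()}

def suspected_victims(flows, min_ratio=10.0, min_reflectors=3):
    """Addresses receiving amplified replies from at least min_reflectors servers."""
    reflectors, reply_bytes = defaultdict(set), defaultdict(int)
    for (server, client), (_, rep, ratio) in amplification_by_pair(flows).items():
        if ratio >= min_ratio:
            reflectors[client].add(server)
            reply_bytes[client] += rep
    return {ip: {"reflectors": sorted(servers), "reply_bytes": reply_bytes[ip]}
            for ip, servers in reflectors.items() if len(servers) >= min_reflectors}

if __name__ == "__main__":
    print(suspected_victims(parse_flows(SAMPLE_FLOWS)))
```

In the constructed sample, replies to 203.0.113.9 are 50 times the size of the requests, matching the factor the article quotes, while the ordinary UDP client and the TCP session are not flagged.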

In Objective-C, it’s possible to store a block as an id type, e.g. in a collection like NSDictionary<String *, id>. However, that’s a trap. If we store a Swift closure in the imported dictionary type, it will crash at the time we access the value.

There is a workaround, but it has to be done on the Swift side. Declare the closure type with the @convention(block) and use it as a type[…]

[…]

The non-system framework Objective-C NSUInteger is imported as UInt. That’s not very consistent with the Swift concept of having an Int as the ultimate integer type. The conversation about if NSUInteger should be automatically imported as an Int is already older than a year, and we’re still looking for a better solution in this area.

[…]

API Notes is a textual file with a set of metadata interpreted by Swift’s Clang Importer without the need to rebuild the binary.

[…]

@_exported will make an imported module re-exported as if the imported symbols were part of the intermediate module. The intermediate module is logically placed between two other modules, which is why it’s called an overlay framework: It overlays the @_exported modules.

The biggest change in Script Developer 7 is the release of our new “lite” mode, which offers all the basic editing, debugging and dictionary functions that you need to write your code. Even without Script Debugger’s advanced features, it represents a significant improvement over the Script Editor which comes with your Macintosh.

[…]

Script Debugger 7 offers a new way of deploying AppleScripts as standalone applications with an improved interface for your users, support for automatic software updates via Sparkle and much more.

[…]

Script Debugger 7’s Dictionary Explorer lets you move, copy or delete objects. Script Debugger 7 lets you explore much more of an application’s scripting abilities without writing a single line of AppleScript code.

[…]

Script Debugger 7 offers an entirely new way of generating AppleScript code: Explorer recording. Start recording a script, and then begin exploring an application using Script Debugger’s Dictionary Explorer. As you alter property values or move, copy or delete objects, the corresponding AppleScript code is added to your script.

More changes are listed here. I also really like the redesigned Web site and the new application and document icons. This is a great app.

The standard applet shell provided by Apple has been with us since AppleScript’s inception. It is a minimal means of deploying a script as a stand alone application. Our objective with the Enhanced Applet shell is to provide additional functionality for scripters and to improve the user experience, especially when developing droplets (scripts that open files).

Many larger iOS apps re-implemented their own in-app web browser. While this was necessary many years ago, nowadays it’s not only not required any more, it actually adds a major risk to the end-user.

[…]

Using a custom in-app browser allows the app developer to inject ANY JavaScript code into the website the user visits. This means, any content, any data and any input that is shown or stored on the website is accessible to the app.

[…]

It allows the app maintainer to inject additional analytics code, without telling the user.

[…]

Any app with an in-app browser can easily steal the user’s email address, passwords and two-factor authentication codes.

[…]

Once the user is logged in, you also get access to the full HTML DOM + JavaScript data & events, which means you have full access to whatever the user sees. This includes things like your emails, your Amazon order history, your friend list, or whatever other data/website you access from an in-app web view.

This is partially a consequence of iOS’s full screen interface. On the Mac, it’s no big deal to open a separate Safari browser window, and entering credentials or doing general browsing in an in-app browser would seem weird.

I’m not sure what Apple can do about this on iOS. Even if the user knows what the safer SFSafariViewController looks like, that appearance could be spoofed. And there are plenty of legitimate uses for a regular embedded Web view.

That’s how the house of cards comes crumbling down. App Review certainly should boot apps that steal credentials and do other nefarious things. However, if their responsibilities cover the behavior of apps (they do), then they also have to consider apps like Facebook.

Facebook’s business is built on exploiting user data in some way. Hell, Google’s is, too. However, I don’t think anyone is under any misconception that Apple’s App Review team is giving a serious, critical look at the behavior of those companies. They’re not.

This line of thinking forces us to ask what is the role of app review, and ultimately what is the role of Apple’s moral policies? Are they really running their business as if they’re fighting the good fight, or is that all just marketing?

This is an area where App Review could help but won’t. App Review continues to look the other way, even for blatant push notification spam. And when there is enforcement, the rules are different for the big players.

My son’s school isn’t supposed to allow outside recess if it’s below 32 degrees, so my son went to http://weather.com , opened up the web inspector, changed the temperature from 28 to 36, and showed the teacher.

After weeks of silence, Amazon's retail team informed Nest employees on a conference call late last year that it would not list any of the newer Nest products recently announced by the company, according to a person familiar with the call. The products in question include the latest Nest thermostat and the Nest Secure home security system, among others.

On that call, says the person, Amazon told Nest that the decision came from the top — and that it had nothing to do with the quality of Nest products, which had great reviews on Amazon.

[…]

As a result of Amazon's decision, Nest decided to stop selling any of its products through Amazon, meaning the limited number of Nest devices listed on Amazon today are expected to disappear from the site once current inventory is sold out, according to a person familiar with the matter.

I find these decisions fascinating. Amazon could already promote its own line of home products all over its site, even on listings for Nest products. Is it that much better to have Nest products not show up in searches at all? Is it really worth the lost revenue and analytics to send those purchasers elsewhere? And to tarnish Amazon’s image as the “everything store”? iPad and Kindle are not even really in the same market, and Amazon does sell tablets from other companies.

I’m soliciting feedback about the networking APIs on Apple’s various platforms. The focus here is on commonly-used user-space networking APIs; think NSURLSession, NSStream and BSD Sockets, not VPN, NKEs, Wi-Fi management, and so on.

This is exactly what has happened to us. Our popular product The Anchor, the first under desk headphone mount, with 1500+ reviews, has been getting flooded with counterfeits. The current counterfeit seller, suiningdonghanjiaju Co Ltd (yeah they sound legit), has been on there for the past 5 days and taken all the sales.

They literally reverse engineered it, made steel compression molds, made the logo wrong, used fake 3M adhesive that’s very thin and was diecut smaller than the top (measure once, cut twice), they use a lower durometer silicone so it flexes more, it has huge mold parting lines, and the packaging is literally photocopied then reprinted (you can tell by the lack of image contrast). And they had to apply a big sticker to cover our SKU with theirs. But to the untrained eye, it would pass. Can’t wait for the negative reviews to come…

This is not a cloned product with its own listing on Amazon. Rather, the counterfeiter is listed as a seller on Elevation Lab’s own product page.

There is something extremely simple Amazon could do about it. If you have a registered brand in the Brand Registry and don’t sell the product wholesale - there could be one box to check for that. And anyone else would have to get approval or high vetting to sell the product, especially if they are sending large quantities to FBA. I imagine there are some algorithmic solutions that could catch most of it too. And it wouldn’t hurt to increase the size of the Brand Registry team so they can do their work faster.

To keep this service affordable to small businesses, we have a white label application that can be themed to their specifications. So everything is built from a single project.

Recently it got to the point where some customers would have a few of our apps installed.

We started getting tickets from users telling us that an app of ours was only working on WiFi. It took us a while to figure out what was actually going on.

[…]

Rather than using an app’s unique BundleID to differentiate between applications, Apple is using BundleName instead. You can install any number of apps with the same BundleName on the same device as you like.

This means that should you turn mobile data off for one of these apps, the others will also be affected.

The pipeline didn’t record many metrics. The ones it did have made it look like things had gotten worse. My bug discoveries caused the overall bug count to increase. The pipeline’s failures increased because I made it fail fast on anomalies instead of silently passing along bad data. I drastically reduced the time developers spent repairing those failures, but there were no metrics that tracked developer time.

My other work didn’t look so good on paper either. On several occasions, I put my projects on hold for weeks or even months at a time to help a teammate whose launch was at risk. It was the right decision for the team, but it looked unimpressive in a promo packet. To the promotion committee, my teammate’s project was the big, important work that demanded coordination from multiple developers. If they hornswoggled me into helping them, it’s evidence of their strong leadership qualities. I was just the mindless peon whose work was so irrelevant that it could be pre-empted at a moment’s notice.

[…]

I adopted a new strategy. Before starting any task, I asked myself whether it would help my case for promotion. If the answer was no, I didn’t do it.

My quality bar for code dropped from, “Will we be able to maintain this for the next 5 years?” to, “Can this last until I’m promoted?” I didn’t file or fix any bugs unless they risked my project’s launch. I wriggled out of all responsibilities for maintenance work.

I hate that when searching on the iOS App Store I can filter out the paid apps, but I can’t filter out the free options. For lots of searches, the free results are crap. Show me the apps that are actually worth some money.

The pointer you get back points into a buffer, which doesn’t exist anymore. That is why you need to be super careful when accessing C APIs.

[…]

Why does this [Objective-C] rarely result in an allocation? In the case above the NSString is an NSConstantString which is already backed by an UTF-8 string, and as mentioned above, a lot of NSString’s are backed by UTF-8.

[…]

I was incorrectly assuming that Swift would create the static String in a way that is backed by an UTF-8 buffer, including the terminating 0 (because that byte is negligible). And more importantly, that the compiler would directly pass over the pointer to that cString buffer. […] When using C API with Swift Strings (be it a simple puts or maybe libxml2), be aware that such calls are really expensive (a malloc+free per call).

We have branches of Vapor and Fluent 3.0 built on #swiftnio successfully running and passing tests. Integration went very smoothly with few breaking changes. With close to 15k LOC deleted so far, we think this is definitely the right choice going forward and we’re excited!

To bookmark a Tweet, tap the share icon under the Tweet and select, “Add Tweet to Bookmarks”. To find it later, tap “Bookmarks” from your profile icon menu. You can remove Tweets from your Bookmarks at any time. Also, only you can see what you’ve bookmarked.

Cellebrite, a Petah Tikva, Israel-based vendor that’s become the U.S. government’s company of choice when it comes to unlocking mobile devices, is this month telling customers its engineers currently have the ability to get around the security of devices running iOS 11 (right up to 11.2.6). That includes the iPhone X, a model that Forbes has learned was successfully raided for data by the Department for Homeland Security back in November 2017, most likely with Cellebrite technology.

If you are concerned by this then one thing you can do to mitigate it is to change your iPhone PIN from a six digit number to an alphanumeric passphrase. The Cellebrite exploit involves a brute force PIN trick that allows unlimited attempts without wiping.

Just a week after Forbes reported on the claim of Israeli U.S. government manufacturer Cellebrite that it could unlock the latest Apple iPhone models, another service has emerged promising much the same. Except this time it comes from an unknown entity, an obscure American startup named Grayshift, which appears to be run by long-time U.S. intelligence agency contractors and an ex-Apple security engineer.

In recent weeks, its marketing materials have been disseminated around private online police and forensics groups, offering a $15,000 iPhone unlock tool named GrayKey, which permits 300 uses. That's for the online mode that requires constant connectivity at the customer end, whilst an offline version costs $30,000. The latter comes with unlimited uses.

Zhou’s story is the latest example of how much stricter state control has become across the Chinese Internet, especially social media platforms. In China, censorship and propaganda go hand in hand, backed by the use of physical force, including police visits, arrests and attacks by state media on people who have expressed controversial political opinions online.

Ever since he came to power in 2012, President Xi Jinping has attempted to bolster the authority of the Communist Party in part by imposing wide-ranging policies to gain ideological and informational control over the media and Internet. In 2017, the country’s first cybersecurity law came into effect; it requires Internet companies to allow even more surveillance of their networks, submit to mandated security reviews of their equipment and provide data to government investigators when requested, among other regulations.

The University of Toronto-based Citizen Lab has identified various surveillance mechanisms used to monitor social media platforms such as WeChat, which can leave people with the sense that they have a surveillance weapon in their pockets. What’s more, these mechanisms remain in effect when individuals leave the country, as do large numbers of Chinese students who study abroad.